CA2374655A1 - System and methods for maintaining and distributing personal security devices - Google Patents
System and methods for maintaining and distributing personal security devices Download PDFInfo
- Publication number
- CA2374655A1 CA2374655A1 CA002374655A CA2374655A CA2374655A1 CA 2374655 A1 CA2374655 A1 CA 2374655A1 CA 002374655 A CA002374655 A CA 002374655A CA 2374655 A CA2374655 A CA 2374655A CA 2374655 A1 CA2374655 A1 CA 2374655A1
- Authority
- CA
- Canada
- Prior art keywords
- security device
- personal security
- information
- authentication
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Telephonic Communication Services (AREA)
Abstract
This invention relates to methods and apparatus for securely accessing and providing information including the use of a personal security device on a client where the client is subject to compromise.
Description
SYSTEM AND METHODS FOR MAINTAINING AND DISTRIBUTING PERSONAL
SECURITY DEVICES
BACKGROUND OF THE INVENTION
Field of the Invention This invention relates to the field of cryptography, including user authentication, document authentication, symmetric key cryptography, public key cryptography, secure communications, secret sharing, and key distribution.
Description of the Related Art Cryptography has become increasingly important with the increased presence of the Internet, an inherently insecure transmission medium. Cryptography enables methods of secure user authentication, which is a prerequisite to performing secure electronic commerce on the Internet.
~ o Typical methods of user authentication are insecure and vulnerable to eavesdropping. For example, suppose that a user Alice wishes to log into a computer over the Internet. A typical authentication process requires Alice to enter her password. This password is typically entered and transmitted in the clear and may be easily intercepted by an eavesdropper Eve as it travels across the Internet, providing Eve with the information necessary to gain exactly the same access ~ s privileges as Alice. Cryptography provides secure authentication protocols allowing Eve to eavesdrop on the authentication information without providing her with the necessary information to gain the same access privileges as Alice.
Cryptographic methods of secure user authentication require the storage of sensitive information, typically on a medium such as the hard disk drive of a general purpose computer or 2o the flash memory of a personal digital assistant. With the increasing portability and mobility of such hardware comes the increasing ease of its theft. In one illustrative example, a user travels with a laptop computer containing authentication information stored on its hard disk. This authentication information can be used to make a secure network connection, to log in to a remote host, and to sign email. If the laptop were to be stolen, the thief could then use this stolen 25 information to perform further mischief by masquerading as the user.
SECURITY DEVICES
BACKGROUND OF THE INVENTION
Field of the Invention This invention relates to the field of cryptography, including user authentication, document authentication, symmetric key cryptography, public key cryptography, secure communications, secret sharing, and key distribution.
Description of the Related Art Cryptography has become increasingly important with the increased presence of the Internet, an inherently insecure transmission medium. Cryptography enables methods of secure user authentication, which is a prerequisite to performing secure electronic commerce on the Internet.
~ o Typical methods of user authentication are insecure and vulnerable to eavesdropping. For example, suppose that a user Alice wishes to log into a computer over the Internet. A typical authentication process requires Alice to enter her password. This password is typically entered and transmitted in the clear and may be easily intercepted by an eavesdropper Eve as it travels across the Internet, providing Eve with the information necessary to gain exactly the same access ~ s privileges as Alice. Cryptography provides secure authentication protocols allowing Eve to eavesdrop on the authentication information without providing her with the necessary information to gain the same access privileges as Alice.
Cryptographic methods of secure user authentication require the storage of sensitive information, typically on a medium such as the hard disk drive of a general purpose computer or 2o the flash memory of a personal digital assistant. With the increasing portability and mobility of such hardware comes the increasing ease of its theft. In one illustrative example, a user travels with a laptop computer containing authentication information stored on its hard disk. This authentication information can be used to make a secure network connection, to log in to a remote host, and to sign email. If the laptop were to be stolen, the thief could then use this stolen 25 information to perform further mischief by masquerading as the user.
One type of sensitive authentication information is a user's private key. A
private key is a component of public key cryptography, which enables methods of user authentication as well as secure communications over unsecured channels. Public key cryptography employs a key pair comprising a public key and a private key. One key is used to encrypt a file and the other key is s used to decrypt it. The key used to encrypt a file is not useful for subsequently decrypting it. In general, public key cryptography enables a user Alice to authenticate herself to another user Bob by encrypting data provided by Bob with her private key, creating a digital signature. Alice then sends the signature to Bob. Bob then uses Alice's public key to decrypt the signature, which he then compares to the plaintext. Alice is authenticated to Bob if the decrypted and plaintext data ~o match. Implementations of public key cryptography include RSA, Diffie-Helman, ElGamal, and Elliptic Curve Cryptography ("ECC").
Another type of sensitive information is the output of an authentication token. In one implementation, an authentication token displays a number that changes periodically. The numbers displayed are elements in a pseudorandom sequence. Before the token is used, it is synchronized with a security server so that the security server subsequently knows what number is displayed on the token at any given time. When a user seeks access to a resource administered by the security server, the user sends the server the number currently displayed on the token. The server then authenticates the user by comparing the sent number with the number that the server expects the authentication token to currently display. If they match, the user is authenticated and zo granted access to the resource. An authentication token can be implemented in hardware or software. In one software implementation, an authentication token includes program code running on the user's laptop.
Another type of sensitive information is a key to a challenge-response protocol. In one implementation of this protocol, the key comprises a number known by the user and an 2s authentication server. Instead of requesting the number directly, the authentication server sends the user an operand. The user performs a mathematical function using the operand and the key and sends the result back to the authentication server, which compares the user's answer with the expected answer. The mathematical function is designed so that it is impractical to discern the key from the operand and the result. A challenge-response authentication protocol can be so implemented in software on the user's a general purpose computer.
Sensitive information for secure user authentication can be stored on a variety of hardware. For example, secure user authentication methods may be implemented on a workstation, a desktop computer, a laptop computer, a personal digital assistant, a smartcard, a universal serial bus ("USB") key, or specialized hardware. This specialized hardware can be small and portable, with form factors similar to a credit card, a gumdrop, or a school ring.
There is a need to protect sensitive information stored on a wide range hardware that is subject to several forms of physical compromise.
BRIEF SUMMARY OF THE INVENTION
The invention provides apparatus and methods for securely accessing and providing information. In one embodiment the invention relates to a method for securely providing information including the steps of receiving information identifying an encrypted personal ~ o ~ security device, providing the encrypted personal security device, receiving authentication information, and providing decryption information for the personal security device responsive to the authentication information. In a further embodiment, the encrypted personal security device includes an encrypted key. In another embodiment, the encrypted personal security device includes information necessary to make a secure virtual private network connection. In another ~ s embodiment. the method further includes the step of validating the authentication information.
In another embodiment, the step of providing the encrypted personal security device includes the steps of retrieving and providing the personal security device. In a further embodiment, the retrieval step includes retrieving the personal security device from an authentication server. In another embodiment, the method further includes the step of storing the personal security device 20 on a smartcard. In another embodiment, the method further includes the step of storing the personal security device in a volatile memory element.
In another aspect the invention relates to a method for accessing secure information including the steps of receiving an encrypted personal security device, receiving decryption information for the personal security device, and decrypting the personal security device. In one 25 embodiment the method further includes the step of using the decrypted personal security device to access secure information. In another embodiment, the personal security device includes information necessary to make a secure network connection between a network client and a network server. In another embodiment, the personal security device includes information necessary to make a secure virtual private network connection. In another embodiment, the so method further includes the steps of transmitting information identifying an encrypted personal security device and transmitting authentication information. In another embodiment, the method further includes the step of storing the personal security device on a smartcard. In another embodiment, the method further includes the step of storing the personal security device in a volatile memory element.
In another embodiment the invention relates to a method for allowing a network client s secure access to information including the steps of requesting, by the network client, a personal security device from a network server, wherein the personal security device includes encrypted information necessary to make a secure network connection, forwarding, by the network server, the personal security device to the network client, and providing, by the network server, decryption information for the personal security device. In another embodiment, the personal ~ o security device includes information necessary to make a secure virtual private network connection. In another embodiment, the method further includes the steps of forwarding, by the network server, the request to an authentication server, querying, by the authentication server, a user databse with the request, returning, by the user database, a personal security device to the authentication server, and forwarding, by the authentication server, the personal security device 15 to the network server. In another embodiment, the method further includes the steps of obtaining, by the client, authentication information from an authentication token, providing, by the client, the authentication information to the authentication server, confirming, by the authentication server, the validity of the authentication information, retrieving, by the network server, decryption information for the personal security device from a database, and providing, by 2o the network server, decryption information for the personal security device to the client. In another embodiment, the method further includes the step of decrypting, by the client, the personal security device.
In another embodiment the invention relates to a device for providing secure access to information including a first receiver receiving information identifying an encrypted personal 2s security device, a first transmitter providing the personal security device, a second receiver receiving authentication information, and a second transmitter providing decryption information for the personal security device responsive to the authentication information.
In a further embodiment, the personal security device includes an encrypted key. In another embodiment, the personal security device includes information necessary to make a secure network connection so between a network client and a network server. In another embodiment, the personal security device includes information necessary to make a secure virtual private network connection. In another embodiment, the device also includes an authenticator validating the authentication information. In another embodiment, the first receiver is the same as the second receiver. In another embodiment, the first transmitter is the same as the second transmitter.
In another aspect the invention relates to a device for accessing secure information including a first receiver receiving an encrypted personal security device, a second receiver s receiving decryption information for the personal security device, and a decryptor decrypting the personal security device. In another embodiment, the personal security device includes information necessary to make a secure network connection between a network client and a network server. In another embodiment, the personal security device includes information necessary to make a secure virtual private network connection. In another embodiment, the ~o device further includes a first transmitter transmitting information identifying an encrypted personal security device, and a second transmitter transmitting authentication information. In another embodiment, the first transmitter is the same as the second transmitter. In another embodiment, the device also includes a smartcard storing the decryption information. In another embodiment, the device also includes a volatile memory element storing the decryption ~s information. In another embodiment, the first receiver is the same as the second receiver.
In another embodiment the invention relates to a system for providing secure access to information including a network client including a volatile memory element and a network server storing an encrypted personal security device in a server memory element, the personal security device including encrypted information. In another embodiment, the system further includes a 2o smartcard having a volatile memory element storing the personal security device. In another embodiment, the system further includes decrypted information for forming a secure network connection between the client and the server wherein the decrypted information is derived from applying the decryption information to the personal security device. In a further embodiment, the decryption information is stored in the volatile memory element. In a further embodiment, the 25 decrypted information is stored in the volatile memory element. In another embodiment, the network is a virtual private network. In a further embodiment, the encrypted information includes information necessary for forming a secure network connection the the client and the server. In a further embodiment, the system further includes an authentication token, wherein the token is capable of providing authentication information, and an authentication server, wherein so the authentication server includes a user database, wherein the user database includes decryption information for the personal security device, and wherein the authentication server is capable of providing the decryption information upon receipt of the authentication information.
private key is a component of public key cryptography, which enables methods of user authentication as well as secure communications over unsecured channels. Public key cryptography employs a key pair comprising a public key and a private key. One key is used to encrypt a file and the other key is s used to decrypt it. The key used to encrypt a file is not useful for subsequently decrypting it. In general, public key cryptography enables a user Alice to authenticate herself to another user Bob by encrypting data provided by Bob with her private key, creating a digital signature. Alice then sends the signature to Bob. Bob then uses Alice's public key to decrypt the signature, which he then compares to the plaintext. Alice is authenticated to Bob if the decrypted and plaintext data ~o match. Implementations of public key cryptography include RSA, Diffie-Helman, ElGamal, and Elliptic Curve Cryptography ("ECC").
Another type of sensitive information is the output of an authentication token. In one implementation, an authentication token displays a number that changes periodically. The numbers displayed are elements in a pseudorandom sequence. Before the token is used, it is synchronized with a security server so that the security server subsequently knows what number is displayed on the token at any given time. When a user seeks access to a resource administered by the security server, the user sends the server the number currently displayed on the token. The server then authenticates the user by comparing the sent number with the number that the server expects the authentication token to currently display. If they match, the user is authenticated and zo granted access to the resource. An authentication token can be implemented in hardware or software. In one software implementation, an authentication token includes program code running on the user's laptop.
Another type of sensitive information is a key to a challenge-response protocol. In one implementation of this protocol, the key comprises a number known by the user and an 2s authentication server. Instead of requesting the number directly, the authentication server sends the user an operand. The user performs a mathematical function using the operand and the key and sends the result back to the authentication server, which compares the user's answer with the expected answer. The mathematical function is designed so that it is impractical to discern the key from the operand and the result. A challenge-response authentication protocol can be so implemented in software on the user's a general purpose computer.
Sensitive information for secure user authentication can be stored on a variety of hardware. For example, secure user authentication methods may be implemented on a workstation, a desktop computer, a laptop computer, a personal digital assistant, a smartcard, a universal serial bus ("USB") key, or specialized hardware. This specialized hardware can be small and portable, with form factors similar to a credit card, a gumdrop, or a school ring.
There is a need to protect sensitive information stored on a wide range hardware that is subject to several forms of physical compromise.
BRIEF SUMMARY OF THE INVENTION
The invention provides apparatus and methods for securely accessing and providing information. In one embodiment the invention relates to a method for securely providing information including the steps of receiving information identifying an encrypted personal ~ o ~ security device, providing the encrypted personal security device, receiving authentication information, and providing decryption information for the personal security device responsive to the authentication information. In a further embodiment, the encrypted personal security device includes an encrypted key. In another embodiment, the encrypted personal security device includes information necessary to make a secure virtual private network connection. In another ~ s embodiment. the method further includes the step of validating the authentication information.
In another embodiment, the step of providing the encrypted personal security device includes the steps of retrieving and providing the personal security device. In a further embodiment, the retrieval step includes retrieving the personal security device from an authentication server. In another embodiment, the method further includes the step of storing the personal security device 20 on a smartcard. In another embodiment, the method further includes the step of storing the personal security device in a volatile memory element.
In another aspect the invention relates to a method for accessing secure information including the steps of receiving an encrypted personal security device, receiving decryption information for the personal security device, and decrypting the personal security device. In one 25 embodiment the method further includes the step of using the decrypted personal security device to access secure information. In another embodiment, the personal security device includes information necessary to make a secure network connection between a network client and a network server. In another embodiment, the personal security device includes information necessary to make a secure virtual private network connection. In another embodiment, the so method further includes the steps of transmitting information identifying an encrypted personal security device and transmitting authentication information. In another embodiment, the method further includes the step of storing the personal security device on a smartcard. In another embodiment, the method further includes the step of storing the personal security device in a volatile memory element.
In another embodiment the invention relates to a method for allowing a network client s secure access to information including the steps of requesting, by the network client, a personal security device from a network server, wherein the personal security device includes encrypted information necessary to make a secure network connection, forwarding, by the network server, the personal security device to the network client, and providing, by the network server, decryption information for the personal security device. In another embodiment, the personal ~ o security device includes information necessary to make a secure virtual private network connection. In another embodiment, the method further includes the steps of forwarding, by the network server, the request to an authentication server, querying, by the authentication server, a user databse with the request, returning, by the user database, a personal security device to the authentication server, and forwarding, by the authentication server, the personal security device 15 to the network server. In another embodiment, the method further includes the steps of obtaining, by the client, authentication information from an authentication token, providing, by the client, the authentication information to the authentication server, confirming, by the authentication server, the validity of the authentication information, retrieving, by the network server, decryption information for the personal security device from a database, and providing, by 2o the network server, decryption information for the personal security device to the client. In another embodiment, the method further includes the step of decrypting, by the client, the personal security device.
In another embodiment the invention relates to a device for providing secure access to information including a first receiver receiving information identifying an encrypted personal 2s security device, a first transmitter providing the personal security device, a second receiver receiving authentication information, and a second transmitter providing decryption information for the personal security device responsive to the authentication information.
In a further embodiment, the personal security device includes an encrypted key. In another embodiment, the personal security device includes information necessary to make a secure network connection so between a network client and a network server. In another embodiment, the personal security device includes information necessary to make a secure virtual private network connection. In another embodiment, the device also includes an authenticator validating the authentication information. In another embodiment, the first receiver is the same as the second receiver. In another embodiment, the first transmitter is the same as the second transmitter.
In another aspect the invention relates to a device for accessing secure information including a first receiver receiving an encrypted personal security device, a second receiver s receiving decryption information for the personal security device, and a decryptor decrypting the personal security device. In another embodiment, the personal security device includes information necessary to make a secure network connection between a network client and a network server. In another embodiment, the personal security device includes information necessary to make a secure virtual private network connection. In another embodiment, the ~o device further includes a first transmitter transmitting information identifying an encrypted personal security device, and a second transmitter transmitting authentication information. In another embodiment, the first transmitter is the same as the second transmitter. In another embodiment, the device also includes a smartcard storing the decryption information. In another embodiment, the device also includes a volatile memory element storing the decryption ~s information. In another embodiment, the first receiver is the same as the second receiver.
In another embodiment the invention relates to a system for providing secure access to information including a network client including a volatile memory element and a network server storing an encrypted personal security device in a server memory element, the personal security device including encrypted information. In another embodiment, the system further includes a 2o smartcard having a volatile memory element storing the personal security device. In another embodiment, the system further includes decrypted information for forming a secure network connection between the client and the server wherein the decrypted information is derived from applying the decryption information to the personal security device. In a further embodiment, the decryption information is stored in the volatile memory element. In a further embodiment, the 25 decrypted information is stored in the volatile memory element. In another embodiment, the network is a virtual private network. In a further embodiment, the encrypted information includes information necessary for forming a secure network connection the the client and the server. In a further embodiment, the system further includes an authentication token, wherein the token is capable of providing authentication information, and an authentication server, wherein so the authentication server includes a user database, wherein the user database includes decryption information for the personal security device, and wherein the authentication server is capable of providing the decryption information upon receipt of the authentication information.
BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS
The foregoing and other objects, features and advantages of the present invention, as well as the invention itself, will be more fully understood from the following description of preferred embodiments, when read together with the accompanying drawings, in which:
s FIG. 1 is a flowchart illustrating the interaction between a client and a server.
FIG. 2 is a flowchart illustrating steps a server undertakes to securely provide information.
FIG. 3 is a flowchart illustrating steps a client undertakes performing a challenge-response protocol for accessing information.
~ o FIG. 4 is a schematic illustration of a security regime.
FIG. 5 is a flowchart illustrating steps a client undertakes to securely receive and access information.
FIG. 6 is a schematic illustration of a hardware embodiment used to store and access a personal security device.
15 FIG. 7 is a schematic illustration of a hardware embodiment used to store and access a personal security device.
FIG. 8 is a flowchart illustrating steps to erase sensitive information after use.
FIG. 9 is a schematic illustration of a system for securely providing information.
FIG. 10 is a schematic illustration of a workstation storing and decrypting a personal 2o security device.
FIG. 11 is a schematic illustration of a system for securely providing a key in response to authentication.
FIG. 12 is a schematic illustration of a smartcard and a smartcard reader.
FIG. 13 is a schematic illustration of a personal security device stored in an external non-is volatile medium.
DETAILED DESCRIPTION OF THE INVENTION
For the purposes of this invention, the term "personal security device" refers to encrypted sensitive information that may be stored on devices subject to physical compromise. "Personal security device" may also be used as a synecdoche to refer to the hardware storing this encrypted so sensitive information. In one embodiment of the invention, the personal security device can only be decrypted with decryption information, known as a key.
For the purposes of this invention, "non-volatile storage medium" refers to any medium in which data persists when power is not supplied to the device on which the medium resides.
Examples of non-volatile storage media include disks, tapes, compact disc read-only memory ("CD-ROM"), digital versatile disc ("DVD"), flash memory, erasable-programmable read-only s memory ("EPROM") and read-only memory ("ROM"). For the purposes of this invention, "volatile storage medium" refers to any medium in which data is stored in a transitory manner or data is lost when power is removed from the medium. An example of a volatile storage medium is random-access memory ("RAM"). In a typical embodiment, volatile storage media are less susceptible to physical compromise than non-volatile storage media.
~o For the purposes of this invention, the term "physical compromise"
encompasses any means by which an adversary may gain access to information on a user's system.
For example, a laptop computer can be stolen and its contents accessed. Physical compromise also encompasses an adversary may gaining entrance to an office and copying sensitive contents of a target computer onto a removable storage medium such as a floppy disk or removable cartridge.
~s Physical compromise also encompasses an adversary transmitting sensitive information from a target computer to one of the adversary's computers over a computer network such as the Internet. Physical compromise also encompasses the use of cracking methods including viruses and trojan horses. For example, a desktop system can be infected with a virus that seeks out sensitive information and transmits what it finds to an adversary over the Internet. Alternatively, 2o an adversary can exploit a security hole in an operating system to gain access to that system directly. One example of a security hole exploit is known as Back Orifice, which provides unauthorized access to systems running Microsoft's Windows NT operating system.
For the purposes of this invention, the term "authentication token" refers to a device or program providing authentication information to a user that is determined based on secret 25 information shared by the authentication token and an authentication server. In one embodiment, the authentication token is implemented as code running on the user's general purpose computer.
In an alternate embodiment, the authentication token is implemented on specialized hardware.
Referring to FIG. 1, and in brief overview, a system is provided One embodiment of the invention, as illustrated in FIG. 1, includes a client that interacts ao with a server to gain access to sensitive information. The client first transmits a personal security device query to the server (Step 100). In one embodiment, this query includes information necessary to uniquely identify a specific personal security device. In an alternate embodiment, _g_ the query includes a request to generate a new personal security device. In one embodiment, the query is received via a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network.
In a further embodiment, the wide area network is the Internet. In one embodiment, the query is s received via an open or unsecured connection. In an alternate embodiment, the query is received via a secured connection. In a further embodiment, the connection is secured by the SSL
protocol. In one embodiment, the query does not include any authentication information.
The server receives the personal security device query (Step 110), and provides the personal security device to the client (Step 120). In one embodiment, the server provides the 1 o personal security device by transmitting it over a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the personal security device is transmitted over an open or unsecured connection.
In an alternate embodiment, the personal security device is transmitted over a secured ~s connection. In a further embodiment, the connection is secured by the SSL
protocol.
The client then receives the transmitted personal security device (Step 130) and transmits a key query requesting the key to the personal security device (Step 140). The key query includes an unique identifier for the personal security device to be decrypted. The key query also includes authentication information. In one embodiment, the authentication information is the output of 2o an authentication token. In an alternate embodiment, the authentication information is a digitally-signed document. In yet another alternate embodiment, the authentication information is a passphrase. In yet another alternate embodiment, the authentication information is a response to a challenge. In yet another alternate embodiment, the authentication information includes biometric information. In one embodiment, the key query is transmitted via a computer 25 network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key query is transmitted via an open or unsecured connection. In an alternate embodiment, the key query is transmitted via a secured connection. In a further embodiment, the connection is secured by the SSL
protocol.
so The server then receives the key query (Step 150) and determines if the authentication information is correct (Step 160). In one embodiment, the server determines if the authentication information matches the information the server expects to be displayed on an authentication token. In an alternate embodiment, the server verifies the authentication information's digital signature. In yet another alternate embodiment, the server determines if the authentication information matches a passphrase. In yet another alternate embodiment, the server determines if the authentication information is a correctly calculated response to a challenge. In yet another alternate embodiment, the server determines if the authentication information matches a user's biometric information.
If the authentication information is correct, the server provides the key to the personal security device (Step 170). Otherwise the server refuses to provide the key (Step 180). In one embodiment, the server provides the key by transmitting it over a computer network. In a further ~o embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key is transmitted over an open or unsecured connection. In an alternate embodiment, the key is transmitted over a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
~s The client receives the key (Step 190) and uses it to decrypt the personal security device (Step 195) thereby gaining access to its contents. In one embodiment, the key is a symmetric key and decryption is performed using a symmetric cipher such as RC4, A4, DES, RCS, Blowfish, or RC6. In an alternate embodiment, the key is a first asymmetric key of a key pair, the personal security device was encrypted with a second key of a key pair, and the decryption is performed 2o using a public-key cryptographic cipher.
In one embodiment of this invention, the personal security device may be distributed openly and without any requirement for authentication. In a further embodiment, the key to the personal security device is not distributed openly, but only in response to proper authentication.
FIG. 2 illustrates steps taken by a server of this embodiment. The server receives a query for a is personal security device (Step 200). In one embodiment, this query includes information necessary to uniquely identify a specific personal security device. In an alternate embodiment, the query includes a request to generate a new personal security device. In one embodiment, the query is received via a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network.
so In a further embodiment, the wide area network is the Internet. In one embodiment, the query is received via an open or unsecured connection. In an alternate embodiment, the query is received via a secured connection. In a further embodiment, the connection is secured by the SSL
protocol. In one embodiment, the query does not include any authentication information.
The server then provides the personal security device (Step 210). In one embodiment, the server provides the personal security device by transmitting it over a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the personal security device is transmitted over an open or unsecured connection. In an alternate embodiment, the personal security device is transmitted over a secured connection. In a further embodiment, the connection is secured by the SSL
~ o protocol.
The server then receives a key query (Step 220). The key query includes an unique identifier for the personal security device to be decrypted. The key query also includes authentication information. In one embodiment, the authentication information is the output of an authentication token. In an alternate embodiment, the authentication information is a ~s digitally-signed document. In yet another alternate embodiment, the authentication information is a passphrase. In yet another alternate embodiment, the authentication information is a response to a challenge. In yet another alternate embodiment, the authentication information includes biometric information. In one embodiment, the key query is received via a computer network. In a further embodiment, the computer network is a local area network. In an alternate 2o embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key query is received via an open or unsecured connection. In an alternate embodiment, the key query is received via a secured connection. In a further embodiment, the connection is secured by the SSL
protocol.
The server then determines if the authentication information is correct (Step 230). In one is embodiment, the server determines if the authentication information matches the information the server expects to be displayed on an authentication token. In an alternate embodiment, the server verifies the authentication information's digital signature. In yet another alternate embodiment, the server determines if the authentication information matches a passphrase.
In yet another alternate embodiment, the server determines if the authentication information is a correctly so calculated response to a challenge. In yet another alternate embodiment, the server determines if the authentication information matches a user's biometric information.
If the authentication information is correct, the server provides the key to the personal security device (Step 240). Otherwise the server refuses to provide the key (Step 250). In one embodiment, the server provides the key by transmitting it over a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the s computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key is transmitted over an open or unsecured connection. In an alternate embodiment, the key is transmitted over a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
Methods of providing proper authentication include but are not limited to entering a i o password, successfully completing a challenge-response protocol, entering data from an authentication token, and biometric authentication. Characterisitics for biometric authentication can include fingerprints, voice prints, retinal scan, facial features, or the measurement of any physical characteristic associated with a user to be authenticated.
FIG. 3 illustrates an embodiment employing a challenge-response protocol. A
client ~s requests a specific personal security device by sending a personal security device query (Step 300). In one embodiment, this query includes information necessary to uniquely identify a specific personal security device. In an alternate embodiment, the query includes a request to generate a new personal security device. In one embodiment, the query is received via a computer network. In a further embodiment, the computer network is a local area network. In an 2o alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the query is received via an open or unsecured connection. In an alternate embodiment, the query is received via a secured connection. In a further embodiment, the connection is secured by the SSL
protocol. In one embodiment, the query does not include any authentication information.
2s The client then receives the personal security device (Step 310). In one embodiment, the client receives the personal security device over a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the personal security device is received over an open or unsecured connection. In so an alternate embodiment, the personal security device is received over a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
The client then requests the key to the personal security device by transmitting a key query (Step 320). The key query includes an unique identifier for the personal security device to be decrypted. In one embodiment, the key query is transmitted via a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, s the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key query is transmitted via an open or unsecured connection. In an alternate embodiment, the key query is transmitted via a secured connection.
In a further embodiment, the connection is secured by the SSL protocol.
Next, the client receives an authentication challenge (Step 330). In one embodiment, the ~o authentication challenge is an operand generated by the server, where the proper response is the result of performing a mathematical function on the operand and a secret number. In a further embodiment, the mathematical function is a one-way function, such that it is infeasible to determine the secret number from the operand and the result. In one embodiment, the authentication challenge is received via a computer network. In a further embodiment, the ~s computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the authentication challenge is received via an open or unsecured connection. In an alternate embodiment, the authentication challenge is received via a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
2o Next, the client provides a response to the authentication challenge (Step 340). In one embodiment, the response is generated by performing the mathematical function on the operand and the secret number. In one embodiment, the client provides the response by transmitting it over a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. W a further is embodiment, the wide area network is the Internet. In one embodiment, the response is transmitted over an open or unsecured connection. In an alternate embodiment, the response is transmitted over a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
The response is then validated (Step 350). If the response is authentic, then the client is so send the key (Step 370) which the client then uses to decrypt the personal security device (Step 380) and gain access to its contents. If the response is not authentic, then the client is refused the key (Step 360). In one embodiment, the key is a symmetric key and decryption is performed using a symmetric cipher such as RC2, RCS, DES, Twofish, A5, or RC4. In an alternate embodiment, the key is a first asymmetric key of a key pair, the personal security device was encrypted with a second key of a key pair, and the decryption is performed using a public-key cryptographic cipher such as RSA, Diffie-Helman, ElGamal or Elliptic Curve Cryptography s ("ECC"). In one embodiment, the key is received via a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key is received via a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
~ o The personal security device server does not have to be the same as the authentication server. The embodiment in FIG. 4 illustrates the separation of the personal security device server 400 from the authentication server 410. The personal security device server 400 is in operative association with a personal security device database 420. The personal security device server 400 provides the contents of the personal security device database 420 without requiring ~s authentication. In this embodiment, the contents of the personal security device database 420 can be considered public information. The authentication server 410 is in operative association with a key database 430. The information in the key database 430 is sensitive information which must be kept secure and is only given out in response to proper authentication.
Optionally, the authentication server 410 and the key database 430 can be further protected by being placed 2o behind a firewall 440.
In one embodiment of the invention, a user requests and receives a personal security device from a server, which the user then stores in a non-volatile storage medium such as a hard disk drive or flash memory. In a further embodiment, the user requests the key to the personal security device while providing proper authentication. In this embodiment, the user stores the 2s key in a volatile storage medium, such as random access memory ("RAM"). In yet a further embodiment, the user decrypts the personal security device with the key and stores the decrypted sensitive information in a volatile storage medium. FIG. 5 illustrates the steps taken by a user or client of this embodiment. The client receives a personal security device (Step 500). In one embodiment, the client receives the personal security device over a computer network. In a so further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the personal security device is received over an open or unsecured connection. In an alternate embodiment, the personal security device is received over a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
The personal security device is then stored on the client on a non-volatile storage medium (Step 510). In one embodiment, the non-volatile storage medium is a disk drive such as a hard s disk, a floppy disk, or a removable cartridge such as a Zip drive. In an alternate embodiment, the non-volatile storage medium is memory such as flash memory or eraseable programmable read-only memory ("EPROM") where the contents of the memory are retained even if power is removed.
The client then receives the key to the personal security device (Step 520), typically in ~o response to successful authentication. In one embodiment, the key is received via a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key is received via a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
~s The client then uses the key to decrypt the personal security device and gain access to its contents (Step 530). In this embodiment, the key and the decrypted contents are stored in the client's volatile storage medium. In one embodiment, the key is a symmetric key and decryption is performed using a symmetric cipher. In an alternate embodiment, the key is a first asymmetric key of a key pair, the personal security device was encrypted with a second key of a key pair, and 2o the decryption is performed using a public-key cryptographic cipher.
FIG. 6 illustrates the hardware of an embodiment used to store and access a personal security device and its contents. The hardware includes a central processing unit ("CPU") 600 in operative association with volatile storage 610 and non-volatile storage 620.
In this embodiment, an encrypted personal security device 630 is stored in the non-volatile storage 610. When a user 2s wishes to access the contents of the personal security device 630, a key 640 is stored in the volatile storage 610. The CPU 600 then uses the key 640 to decrypt the contents of the personal security device and store the decrypted contents 650 in the volatile storage 610.
Some general purpose computers use non-volatile disk storage to supplement volatile random access memory ("RAM") storage. Referring to FIG. 7, a general purpose computer 700 so includes a central processing unit ("CPU") 710 in operative association with volatile RAM 720 and a non-volatile disk drive 740. The disk drive 740 includes swap space 730.
When sections of RAM 720 aren't being used, their contents are "swapped out" into the swap space 730 so that the RAM 720 can be used for other purposes. When a user wishes to access those contents, they are swapped back into the RAM 720. Because the use of swap space 730 writes the contents of volatile storage 720 into non-volatile storage 740, it is desirable to erase sensitive information from volatile storage 720 as soon as it is finished being used. Otherwise, unused sensitive s information could be written out to nonvolatile swap space 730.
In one embodiment, illustrated in the flowchart of FIG. 8, the information stored in the volatile storage medium is erased after use. First, the personal security device is stored in a non-volatile storage medium (Step 800). In one embodiment, the personal security device is stored by a user after having been provided by a server. In an alternate embodiment, the personal to security device is stored in the non-volatile storage medium before the medium is distributed to the user.
Next, the key to the personal security device is stored in a volatile medium (Step 810). In one embodiment, the key is obtained from an authentication server. In an alternate embodiment, the key is directly entered by a user.
~s The key is then used to decrypt the personal security device (Step 820). In one embodiment, the key is a symmetric key and decryption is performed using a symmetric cipher.
In an alternate embodiment, the key is a first asymmetric key of a key pair, the personal security device was encrypted with a second key of a key pair, and the decryption is performed using a public-key cryptographic cipher. The decrypted contents of the personal security device are 2o stored in volatile memory (Step 830).
After being used to perform decryption, the key is erased from volatile memory (Step 840). In one embodiment, the key is erased by zeroing out the memory location where the key was stored. If this memory location is subsequently swapped out, the key will not be stored on a non-volatile medium.
2s The user then uses the decrypted contents of the personal security device (Step 850).
After the user is finished with the contents, the contents are erased from volatile memory (Step 860). In one embodiment, the contents are erased by zeroing out the memory location where the contents were stored. If this memory location is subsequently swapped out, the contents will not be stored on a non-volatile medium. If the user wishes to subsequently use the contents (Step so 850), Steps 810-840 must be repeated.
The encrypted sensitive information stored in a personal security device may include, but is not limited to, information necessary for forming a secure network connection, user authentication information, a symmetric encryption key, a private key, a public key certificate, a password or passphrase, contact information such as a name and address, a credit card number, an account number with a financial institution, a personal identification number ("PIN"), a medical record, biometric information, a transaction record, and a map revealing the location of a resource, or combinations thereof. A secure network connection may include a virtual private network ("VPN") connection. The information necessary for forming a secure network connection may include, but is not limited to, a symmetric encryption key and a private key.
In one embodiment, known as symmetric key wrapping, a personal security device includes a symmetrically encrypted file along with the symmetric key used to encrypt it. In this ~o embodiment, the symmetric key is itself encrypted by a second key, which may be a symmetric or a public or private key. This second key is the key to the personal security device of this embodiment.
Example 1 In this example, which is illustrated in FIG. 9, a user wishes to use a computer 900 to ~s present credentials 910 such as a public key certificate or a digitally signed document to a host 920. The user first obtains a personal security device 930 from a personal security device server 940. In this embodiment, the personal security device 930 includes the user's encrypted credentials. The personal security device server 940 includes a personal security device database 950. The user then retrieves authentication information 960 from a token 970 and provides the 2o authentication information 960 to an authentication server 980. The authentication server 980 is in operative association with a key database 990. If the authentication server 980 determines that the authentication information 960 is correct, the authentication server 980 then provides a key 995 to the personal security device 930. The computer 900 then employs the key 995 to decrypt the personal security device 930 and gain access to the user's credentials 910, which it then 25 presents to the host 920.
In an alternate embodiment, the personal security device server 940 and the authentication server 980 can be the same server. In another alternate embodiment, the personal security device 930 comprises the user's private key with which the user generates the credentials 910.
Example 2 In this example, as illustrated in FIG. 10, a user wishes to form a secure network connection to a host computer 1000 from a public computer 1010. An example of a public computer is a workstation in a university's computing cluster. The user first obtains a personal s security device 1020 containing encrypted information necessary for making a secure network connection, which the user then stores on a non-volatile medium 1030 such as the public computer's disk drive. In this example, the personal security device 1020 is obtained directly from the host computer 1000, but it may also be obtained from a separate computer such as an authentication server.
~o The user then applies a key 1040 to decrypt the contents 1050 of the personal security device 1020. The decrypted contents 1050 reside in volatile storage 1060. In this example, the key 1040 is a passphrase that the user has memorized. In an alternative embodiment, the key 1040 is obtained from an authentication token.
In this example, the personal security device 1020 may persist on the public computer, ~ s such that a subsequent user is able to read it. However, since the neither the key 1040 nor the decrypted contents 1050 of the personal security device 1020 persist, subsequent users cannot exploit the contents of the personal security device 1020.
Example 3 In this example, as illustrated in FIG. 11, a user with an authentication token 1100 wishes zo to access the information in a personal security device 1110 stored on the hard disk drive 1120 of the user's computer. When the user wishes to decrypt the information stored in the personal security device 1110, the user queries an authentication server 1130 and presents authentication information 1140 from the authentication token 1100 to the authentication server 1130. Upon receiving proper authentication 1140, the authentication server 1130 then provides the user with zs a key 1150, which is then used to decrypt the contents 1160 of the personal security device.
In this example, the key 1150 and the decrypted contents 1160 are only maintained in volatile RAM 1170 and never written out to non-volatile disk 1120. Thus when the user turns off or resets the computer 1180, the key 1150 and decrypted contents 1160 are no longer accessible on the computer 1180. If the user wishes to access the contents 1160 of the personal so security device 1110 again after cycling the power or resetting the computer 1180, the user has to repeat the authentication process described above. In a further embodiment, the key 1150 and decrypted contents 1160 are removed from volatile RAM 1170 when they are no longer being used. For example, the volatile RAM 1170 containing the key 1150 is zeroed out after decryption is complete, and the volatile RAM 1170 containing the decrypted contents 1160 is zeroed out after the user is finished with it.
s If the user's computer 1180 is stolen or otherwise physically compromised, an adversary cannot exploit the contents of the personal security device 1110.
Example 4 In this example, as illustrated in FIG. 12, a user with a smartcard 1200 wishes to perform an authentication function. The smartcard includes volatile 1210 and non-volatile 1220 memory.
~o A personal security device 1230 is stored in the smartcard's non-volatile memory 1220. The smartcard 1200 receives power when it is inserted into a smartcard reader 1240; when the smartcard 1200 is removed from the reader 1240, the contents of its volatile memory 1210 are lost. The user inserts the smartcard 1200 into the reader 1240 and provides the reader 1240 with a key such as a PIN 1250.
The PIN 1250 is used to decrypt the personal security device 1230. The decrypted contents 1260 are stored in the smartcard's volatile memory 1210, which the user employs for authentication functions such as digital signatures. When finished, the user removes the smartcard 1200 from the card reader 1240, erasing the sensitive contents 1260 stored in the smartcard's volatile memory 1210.
2o If the smartcard 1200 is lost or stolen, the information in its personal security device 1230 cannot be exploited by a finder or thief.
Example 5 In this example, as illustrated in FIG. 13, the personal security device 1300 is stored in non-volatile external storage device 1310, which is in operative association with an interface is 1320 of a computer 1330. The interface 1320 is in operative association with a central processing unit ("CPU") 1340, which is in operative association with a volatile storage medium 1350. The key 1360 to the personal security device 1300 is stored in the volatile storage medium 1350. The decrypted contents 1370 of the personal security device 1300 is stored in the volatile storage medium 1350.
In one embodiment, the non-volatile external storage device 1310 is a cartridge storing the personal security device 1300 in read only memory ("ROM"). In a further embodiment, the non-volatile external storage device 1300 is a Personal Computer Memory International Association ("PCMCIA") card and the interface 1320 is a PCMCIA slot. In an alternate embodiment, the non-volatile external storage device 1300 is a universal serial bus ("USB") key and the interface 1320 is a USB port. In another alternate embodiment, the non-volatile external storage device 1300 is a card with a magnetic strip and the interface 1320 is a magnetic card reader. In yet another alternate embodiment, the non-volatile external storage device 1300 is a disk and the interface 1320 is a disk drive. In a further embodiment, the disk is a floppy disk and ~o the disk drive is a floppy disk drive. In an alternate further embodiment, the disk is a CD-ROM
and the disk drive is a CD-ROM drive. In another alternate embodiment, the disk is a Zip disk and the disk drive is a Zip drive.
Equivalents The invention may be embodied in other specific forms without departing from the spirit ~ s or essential characteristics thereof. The foregoing embodiments are therefore to be considered in all respects illustrative rather than limiting on the invention described herein. Scope of the invention is thus indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein.
The foregoing and other objects, features and advantages of the present invention, as well as the invention itself, will be more fully understood from the following description of preferred embodiments, when read together with the accompanying drawings, in which:
s FIG. 1 is a flowchart illustrating the interaction between a client and a server.
FIG. 2 is a flowchart illustrating steps a server undertakes to securely provide information.
FIG. 3 is a flowchart illustrating steps a client undertakes performing a challenge-response protocol for accessing information.
~ o FIG. 4 is a schematic illustration of a security regime.
FIG. 5 is a flowchart illustrating steps a client undertakes to securely receive and access information.
FIG. 6 is a schematic illustration of a hardware embodiment used to store and access a personal security device.
15 FIG. 7 is a schematic illustration of a hardware embodiment used to store and access a personal security device.
FIG. 8 is a flowchart illustrating steps to erase sensitive information after use.
FIG. 9 is a schematic illustration of a system for securely providing information.
FIG. 10 is a schematic illustration of a workstation storing and decrypting a personal 2o security device.
FIG. 11 is a schematic illustration of a system for securely providing a key in response to authentication.
FIG. 12 is a schematic illustration of a smartcard and a smartcard reader.
FIG. 13 is a schematic illustration of a personal security device stored in an external non-is volatile medium.
DETAILED DESCRIPTION OF THE INVENTION
For the purposes of this invention, the term "personal security device" refers to encrypted sensitive information that may be stored on devices subject to physical compromise. "Personal security device" may also be used as a synecdoche to refer to the hardware storing this encrypted so sensitive information. In one embodiment of the invention, the personal security device can only be decrypted with decryption information, known as a key.
For the purposes of this invention, "non-volatile storage medium" refers to any medium in which data persists when power is not supplied to the device on which the medium resides.
Examples of non-volatile storage media include disks, tapes, compact disc read-only memory ("CD-ROM"), digital versatile disc ("DVD"), flash memory, erasable-programmable read-only s memory ("EPROM") and read-only memory ("ROM"). For the purposes of this invention, "volatile storage medium" refers to any medium in which data is stored in a transitory manner or data is lost when power is removed from the medium. An example of a volatile storage medium is random-access memory ("RAM"). In a typical embodiment, volatile storage media are less susceptible to physical compromise than non-volatile storage media.
~o For the purposes of this invention, the term "physical compromise"
encompasses any means by which an adversary may gain access to information on a user's system.
For example, a laptop computer can be stolen and its contents accessed. Physical compromise also encompasses an adversary may gaining entrance to an office and copying sensitive contents of a target computer onto a removable storage medium such as a floppy disk or removable cartridge.
~s Physical compromise also encompasses an adversary transmitting sensitive information from a target computer to one of the adversary's computers over a computer network such as the Internet. Physical compromise also encompasses the use of cracking methods including viruses and trojan horses. For example, a desktop system can be infected with a virus that seeks out sensitive information and transmits what it finds to an adversary over the Internet. Alternatively, 2o an adversary can exploit a security hole in an operating system to gain access to that system directly. One example of a security hole exploit is known as Back Orifice, which provides unauthorized access to systems running Microsoft's Windows NT operating system.
For the purposes of this invention, the term "authentication token" refers to a device or program providing authentication information to a user that is determined based on secret 25 information shared by the authentication token and an authentication server. In one embodiment, the authentication token is implemented as code running on the user's general purpose computer.
In an alternate embodiment, the authentication token is implemented on specialized hardware.
Referring to FIG. 1, and in brief overview, a system is provided One embodiment of the invention, as illustrated in FIG. 1, includes a client that interacts ao with a server to gain access to sensitive information. The client first transmits a personal security device query to the server (Step 100). In one embodiment, this query includes information necessary to uniquely identify a specific personal security device. In an alternate embodiment, _g_ the query includes a request to generate a new personal security device. In one embodiment, the query is received via a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network.
In a further embodiment, the wide area network is the Internet. In one embodiment, the query is s received via an open or unsecured connection. In an alternate embodiment, the query is received via a secured connection. In a further embodiment, the connection is secured by the SSL
protocol. In one embodiment, the query does not include any authentication information.
The server receives the personal security device query (Step 110), and provides the personal security device to the client (Step 120). In one embodiment, the server provides the 1 o personal security device by transmitting it over a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the personal security device is transmitted over an open or unsecured connection.
In an alternate embodiment, the personal security device is transmitted over a secured ~s connection. In a further embodiment, the connection is secured by the SSL
protocol.
The client then receives the transmitted personal security device (Step 130) and transmits a key query requesting the key to the personal security device (Step 140). The key query includes an unique identifier for the personal security device to be decrypted. The key query also includes authentication information. In one embodiment, the authentication information is the output of 2o an authentication token. In an alternate embodiment, the authentication information is a digitally-signed document. In yet another alternate embodiment, the authentication information is a passphrase. In yet another alternate embodiment, the authentication information is a response to a challenge. In yet another alternate embodiment, the authentication information includes biometric information. In one embodiment, the key query is transmitted via a computer 25 network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key query is transmitted via an open or unsecured connection. In an alternate embodiment, the key query is transmitted via a secured connection. In a further embodiment, the connection is secured by the SSL
protocol.
so The server then receives the key query (Step 150) and determines if the authentication information is correct (Step 160). In one embodiment, the server determines if the authentication information matches the information the server expects to be displayed on an authentication token. In an alternate embodiment, the server verifies the authentication information's digital signature. In yet another alternate embodiment, the server determines if the authentication information matches a passphrase. In yet another alternate embodiment, the server determines if the authentication information is a correctly calculated response to a challenge. In yet another alternate embodiment, the server determines if the authentication information matches a user's biometric information.
If the authentication information is correct, the server provides the key to the personal security device (Step 170). Otherwise the server refuses to provide the key (Step 180). In one embodiment, the server provides the key by transmitting it over a computer network. In a further ~o embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key is transmitted over an open or unsecured connection. In an alternate embodiment, the key is transmitted over a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
~s The client receives the key (Step 190) and uses it to decrypt the personal security device (Step 195) thereby gaining access to its contents. In one embodiment, the key is a symmetric key and decryption is performed using a symmetric cipher such as RC4, A4, DES, RCS, Blowfish, or RC6. In an alternate embodiment, the key is a first asymmetric key of a key pair, the personal security device was encrypted with a second key of a key pair, and the decryption is performed 2o using a public-key cryptographic cipher.
In one embodiment of this invention, the personal security device may be distributed openly and without any requirement for authentication. In a further embodiment, the key to the personal security device is not distributed openly, but only in response to proper authentication.
FIG. 2 illustrates steps taken by a server of this embodiment. The server receives a query for a is personal security device (Step 200). In one embodiment, this query includes information necessary to uniquely identify a specific personal security device. In an alternate embodiment, the query includes a request to generate a new personal security device. In one embodiment, the query is received via a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network.
so In a further embodiment, the wide area network is the Internet. In one embodiment, the query is received via an open or unsecured connection. In an alternate embodiment, the query is received via a secured connection. In a further embodiment, the connection is secured by the SSL
protocol. In one embodiment, the query does not include any authentication information.
The server then provides the personal security device (Step 210). In one embodiment, the server provides the personal security device by transmitting it over a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the personal security device is transmitted over an open or unsecured connection. In an alternate embodiment, the personal security device is transmitted over a secured connection. In a further embodiment, the connection is secured by the SSL
~ o protocol.
The server then receives a key query (Step 220). The key query includes an unique identifier for the personal security device to be decrypted. The key query also includes authentication information. In one embodiment, the authentication information is the output of an authentication token. In an alternate embodiment, the authentication information is a ~s digitally-signed document. In yet another alternate embodiment, the authentication information is a passphrase. In yet another alternate embodiment, the authentication information is a response to a challenge. In yet another alternate embodiment, the authentication information includes biometric information. In one embodiment, the key query is received via a computer network. In a further embodiment, the computer network is a local area network. In an alternate 2o embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key query is received via an open or unsecured connection. In an alternate embodiment, the key query is received via a secured connection. In a further embodiment, the connection is secured by the SSL
protocol.
The server then determines if the authentication information is correct (Step 230). In one is embodiment, the server determines if the authentication information matches the information the server expects to be displayed on an authentication token. In an alternate embodiment, the server verifies the authentication information's digital signature. In yet another alternate embodiment, the server determines if the authentication information matches a passphrase.
In yet another alternate embodiment, the server determines if the authentication information is a correctly so calculated response to a challenge. In yet another alternate embodiment, the server determines if the authentication information matches a user's biometric information.
If the authentication information is correct, the server provides the key to the personal security device (Step 240). Otherwise the server refuses to provide the key (Step 250). In one embodiment, the server provides the key by transmitting it over a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the s computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key is transmitted over an open or unsecured connection. In an alternate embodiment, the key is transmitted over a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
Methods of providing proper authentication include but are not limited to entering a i o password, successfully completing a challenge-response protocol, entering data from an authentication token, and biometric authentication. Characterisitics for biometric authentication can include fingerprints, voice prints, retinal scan, facial features, or the measurement of any physical characteristic associated with a user to be authenticated.
FIG. 3 illustrates an embodiment employing a challenge-response protocol. A
client ~s requests a specific personal security device by sending a personal security device query (Step 300). In one embodiment, this query includes information necessary to uniquely identify a specific personal security device. In an alternate embodiment, the query includes a request to generate a new personal security device. In one embodiment, the query is received via a computer network. In a further embodiment, the computer network is a local area network. In an 2o alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the query is received via an open or unsecured connection. In an alternate embodiment, the query is received via a secured connection. In a further embodiment, the connection is secured by the SSL
protocol. In one embodiment, the query does not include any authentication information.
2s The client then receives the personal security device (Step 310). In one embodiment, the client receives the personal security device over a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the personal security device is received over an open or unsecured connection. In so an alternate embodiment, the personal security device is received over a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
The client then requests the key to the personal security device by transmitting a key query (Step 320). The key query includes an unique identifier for the personal security device to be decrypted. In one embodiment, the key query is transmitted via a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, s the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key query is transmitted via an open or unsecured connection. In an alternate embodiment, the key query is transmitted via a secured connection.
In a further embodiment, the connection is secured by the SSL protocol.
Next, the client receives an authentication challenge (Step 330). In one embodiment, the ~o authentication challenge is an operand generated by the server, where the proper response is the result of performing a mathematical function on the operand and a secret number. In a further embodiment, the mathematical function is a one-way function, such that it is infeasible to determine the secret number from the operand and the result. In one embodiment, the authentication challenge is received via a computer network. In a further embodiment, the ~s computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the authentication challenge is received via an open or unsecured connection. In an alternate embodiment, the authentication challenge is received via a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
2o Next, the client provides a response to the authentication challenge (Step 340). In one embodiment, the response is generated by performing the mathematical function on the operand and the secret number. In one embodiment, the client provides the response by transmitting it over a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. W a further is embodiment, the wide area network is the Internet. In one embodiment, the response is transmitted over an open or unsecured connection. In an alternate embodiment, the response is transmitted over a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
The response is then validated (Step 350). If the response is authentic, then the client is so send the key (Step 370) which the client then uses to decrypt the personal security device (Step 380) and gain access to its contents. If the response is not authentic, then the client is refused the key (Step 360). In one embodiment, the key is a symmetric key and decryption is performed using a symmetric cipher such as RC2, RCS, DES, Twofish, A5, or RC4. In an alternate embodiment, the key is a first asymmetric key of a key pair, the personal security device was encrypted with a second key of a key pair, and the decryption is performed using a public-key cryptographic cipher such as RSA, Diffie-Helman, ElGamal or Elliptic Curve Cryptography s ("ECC"). In one embodiment, the key is received via a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key is received via a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
~ o The personal security device server does not have to be the same as the authentication server. The embodiment in FIG. 4 illustrates the separation of the personal security device server 400 from the authentication server 410. The personal security device server 400 is in operative association with a personal security device database 420. The personal security device server 400 provides the contents of the personal security device database 420 without requiring ~s authentication. In this embodiment, the contents of the personal security device database 420 can be considered public information. The authentication server 410 is in operative association with a key database 430. The information in the key database 430 is sensitive information which must be kept secure and is only given out in response to proper authentication.
Optionally, the authentication server 410 and the key database 430 can be further protected by being placed 2o behind a firewall 440.
In one embodiment of the invention, a user requests and receives a personal security device from a server, which the user then stores in a non-volatile storage medium such as a hard disk drive or flash memory. In a further embodiment, the user requests the key to the personal security device while providing proper authentication. In this embodiment, the user stores the 2s key in a volatile storage medium, such as random access memory ("RAM"). In yet a further embodiment, the user decrypts the personal security device with the key and stores the decrypted sensitive information in a volatile storage medium. FIG. 5 illustrates the steps taken by a user or client of this embodiment. The client receives a personal security device (Step 500). In one embodiment, the client receives the personal security device over a computer network. In a so further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the personal security device is received over an open or unsecured connection. In an alternate embodiment, the personal security device is received over a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
The personal security device is then stored on the client on a non-volatile storage medium (Step 510). In one embodiment, the non-volatile storage medium is a disk drive such as a hard s disk, a floppy disk, or a removable cartridge such as a Zip drive. In an alternate embodiment, the non-volatile storage medium is memory such as flash memory or eraseable programmable read-only memory ("EPROM") where the contents of the memory are retained even if power is removed.
The client then receives the key to the personal security device (Step 520), typically in ~o response to successful authentication. In one embodiment, the key is received via a computer network. In a further embodiment, the computer network is a local area network. In an alternate embodiment, the computer network is a wide area network. In a further embodiment, the wide area network is the Internet. In one embodiment, the key is received via a secured connection. In a further embodiment, the connection is secured by the SSL protocol.
~s The client then uses the key to decrypt the personal security device and gain access to its contents (Step 530). In this embodiment, the key and the decrypted contents are stored in the client's volatile storage medium. In one embodiment, the key is a symmetric key and decryption is performed using a symmetric cipher. In an alternate embodiment, the key is a first asymmetric key of a key pair, the personal security device was encrypted with a second key of a key pair, and 2o the decryption is performed using a public-key cryptographic cipher.
FIG. 6 illustrates the hardware of an embodiment used to store and access a personal security device and its contents. The hardware includes a central processing unit ("CPU") 600 in operative association with volatile storage 610 and non-volatile storage 620.
In this embodiment, an encrypted personal security device 630 is stored in the non-volatile storage 610. When a user 2s wishes to access the contents of the personal security device 630, a key 640 is stored in the volatile storage 610. The CPU 600 then uses the key 640 to decrypt the contents of the personal security device and store the decrypted contents 650 in the volatile storage 610.
Some general purpose computers use non-volatile disk storage to supplement volatile random access memory ("RAM") storage. Referring to FIG. 7, a general purpose computer 700 so includes a central processing unit ("CPU") 710 in operative association with volatile RAM 720 and a non-volatile disk drive 740. The disk drive 740 includes swap space 730.
When sections of RAM 720 aren't being used, their contents are "swapped out" into the swap space 730 so that the RAM 720 can be used for other purposes. When a user wishes to access those contents, they are swapped back into the RAM 720. Because the use of swap space 730 writes the contents of volatile storage 720 into non-volatile storage 740, it is desirable to erase sensitive information from volatile storage 720 as soon as it is finished being used. Otherwise, unused sensitive s information could be written out to nonvolatile swap space 730.
In one embodiment, illustrated in the flowchart of FIG. 8, the information stored in the volatile storage medium is erased after use. First, the personal security device is stored in a non-volatile storage medium (Step 800). In one embodiment, the personal security device is stored by a user after having been provided by a server. In an alternate embodiment, the personal to security device is stored in the non-volatile storage medium before the medium is distributed to the user.
Next, the key to the personal security device is stored in a volatile medium (Step 810). In one embodiment, the key is obtained from an authentication server. In an alternate embodiment, the key is directly entered by a user.
~s The key is then used to decrypt the personal security device (Step 820). In one embodiment, the key is a symmetric key and decryption is performed using a symmetric cipher.
In an alternate embodiment, the key is a first asymmetric key of a key pair, the personal security device was encrypted with a second key of a key pair, and the decryption is performed using a public-key cryptographic cipher. The decrypted contents of the personal security device are 2o stored in volatile memory (Step 830).
After being used to perform decryption, the key is erased from volatile memory (Step 840). In one embodiment, the key is erased by zeroing out the memory location where the key was stored. If this memory location is subsequently swapped out, the key will not be stored on a non-volatile medium.
2s The user then uses the decrypted contents of the personal security device (Step 850).
After the user is finished with the contents, the contents are erased from volatile memory (Step 860). In one embodiment, the contents are erased by zeroing out the memory location where the contents were stored. If this memory location is subsequently swapped out, the contents will not be stored on a non-volatile medium. If the user wishes to subsequently use the contents (Step so 850), Steps 810-840 must be repeated.
The encrypted sensitive information stored in a personal security device may include, but is not limited to, information necessary for forming a secure network connection, user authentication information, a symmetric encryption key, a private key, a public key certificate, a password or passphrase, contact information such as a name and address, a credit card number, an account number with a financial institution, a personal identification number ("PIN"), a medical record, biometric information, a transaction record, and a map revealing the location of a resource, or combinations thereof. A secure network connection may include a virtual private network ("VPN") connection. The information necessary for forming a secure network connection may include, but is not limited to, a symmetric encryption key and a private key.
In one embodiment, known as symmetric key wrapping, a personal security device includes a symmetrically encrypted file along with the symmetric key used to encrypt it. In this ~o embodiment, the symmetric key is itself encrypted by a second key, which may be a symmetric or a public or private key. This second key is the key to the personal security device of this embodiment.
Example 1 In this example, which is illustrated in FIG. 9, a user wishes to use a computer 900 to ~s present credentials 910 such as a public key certificate or a digitally signed document to a host 920. The user first obtains a personal security device 930 from a personal security device server 940. In this embodiment, the personal security device 930 includes the user's encrypted credentials. The personal security device server 940 includes a personal security device database 950. The user then retrieves authentication information 960 from a token 970 and provides the 2o authentication information 960 to an authentication server 980. The authentication server 980 is in operative association with a key database 990. If the authentication server 980 determines that the authentication information 960 is correct, the authentication server 980 then provides a key 995 to the personal security device 930. The computer 900 then employs the key 995 to decrypt the personal security device 930 and gain access to the user's credentials 910, which it then 25 presents to the host 920.
In an alternate embodiment, the personal security device server 940 and the authentication server 980 can be the same server. In another alternate embodiment, the personal security device 930 comprises the user's private key with which the user generates the credentials 910.
Example 2 In this example, as illustrated in FIG. 10, a user wishes to form a secure network connection to a host computer 1000 from a public computer 1010. An example of a public computer is a workstation in a university's computing cluster. The user first obtains a personal s security device 1020 containing encrypted information necessary for making a secure network connection, which the user then stores on a non-volatile medium 1030 such as the public computer's disk drive. In this example, the personal security device 1020 is obtained directly from the host computer 1000, but it may also be obtained from a separate computer such as an authentication server.
~o The user then applies a key 1040 to decrypt the contents 1050 of the personal security device 1020. The decrypted contents 1050 reside in volatile storage 1060. In this example, the key 1040 is a passphrase that the user has memorized. In an alternative embodiment, the key 1040 is obtained from an authentication token.
In this example, the personal security device 1020 may persist on the public computer, ~ s such that a subsequent user is able to read it. However, since the neither the key 1040 nor the decrypted contents 1050 of the personal security device 1020 persist, subsequent users cannot exploit the contents of the personal security device 1020.
Example 3 In this example, as illustrated in FIG. 11, a user with an authentication token 1100 wishes zo to access the information in a personal security device 1110 stored on the hard disk drive 1120 of the user's computer. When the user wishes to decrypt the information stored in the personal security device 1110, the user queries an authentication server 1130 and presents authentication information 1140 from the authentication token 1100 to the authentication server 1130. Upon receiving proper authentication 1140, the authentication server 1130 then provides the user with zs a key 1150, which is then used to decrypt the contents 1160 of the personal security device.
In this example, the key 1150 and the decrypted contents 1160 are only maintained in volatile RAM 1170 and never written out to non-volatile disk 1120. Thus when the user turns off or resets the computer 1180, the key 1150 and decrypted contents 1160 are no longer accessible on the computer 1180. If the user wishes to access the contents 1160 of the personal so security device 1110 again after cycling the power or resetting the computer 1180, the user has to repeat the authentication process described above. In a further embodiment, the key 1150 and decrypted contents 1160 are removed from volatile RAM 1170 when they are no longer being used. For example, the volatile RAM 1170 containing the key 1150 is zeroed out after decryption is complete, and the volatile RAM 1170 containing the decrypted contents 1160 is zeroed out after the user is finished with it.
s If the user's computer 1180 is stolen or otherwise physically compromised, an adversary cannot exploit the contents of the personal security device 1110.
Example 4 In this example, as illustrated in FIG. 12, a user with a smartcard 1200 wishes to perform an authentication function. The smartcard includes volatile 1210 and non-volatile 1220 memory.
~o A personal security device 1230 is stored in the smartcard's non-volatile memory 1220. The smartcard 1200 receives power when it is inserted into a smartcard reader 1240; when the smartcard 1200 is removed from the reader 1240, the contents of its volatile memory 1210 are lost. The user inserts the smartcard 1200 into the reader 1240 and provides the reader 1240 with a key such as a PIN 1250.
The PIN 1250 is used to decrypt the personal security device 1230. The decrypted contents 1260 are stored in the smartcard's volatile memory 1210, which the user employs for authentication functions such as digital signatures. When finished, the user removes the smartcard 1200 from the card reader 1240, erasing the sensitive contents 1260 stored in the smartcard's volatile memory 1210.
2o If the smartcard 1200 is lost or stolen, the information in its personal security device 1230 cannot be exploited by a finder or thief.
Example 5 In this example, as illustrated in FIG. 13, the personal security device 1300 is stored in non-volatile external storage device 1310, which is in operative association with an interface is 1320 of a computer 1330. The interface 1320 is in operative association with a central processing unit ("CPU") 1340, which is in operative association with a volatile storage medium 1350. The key 1360 to the personal security device 1300 is stored in the volatile storage medium 1350. The decrypted contents 1370 of the personal security device 1300 is stored in the volatile storage medium 1350.
In one embodiment, the non-volatile external storage device 1310 is a cartridge storing the personal security device 1300 in read only memory ("ROM"). In a further embodiment, the non-volatile external storage device 1300 is a Personal Computer Memory International Association ("PCMCIA") card and the interface 1320 is a PCMCIA slot. In an alternate embodiment, the non-volatile external storage device 1300 is a universal serial bus ("USB") key and the interface 1320 is a USB port. In another alternate embodiment, the non-volatile external storage device 1300 is a card with a magnetic strip and the interface 1320 is a magnetic card reader. In yet another alternate embodiment, the non-volatile external storage device 1300 is a disk and the interface 1320 is a disk drive. In a further embodiment, the disk is a floppy disk and ~o the disk drive is a floppy disk drive. In an alternate further embodiment, the disk is a CD-ROM
and the disk drive is a CD-ROM drive. In another alternate embodiment, the disk is a Zip disk and the disk drive is a Zip drive.
Equivalents The invention may be embodied in other specific forms without departing from the spirit ~ s or essential characteristics thereof. The foregoing embodiments are therefore to be considered in all respects illustrative rather than limiting on the invention described herein. Scope of the invention is thus indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein.
Claims (51)
1. A method for securely providing information comprising the steps of:
(a) receiving information identifying an encrypted personal security device;
(b) providing said identified encrypted personal security device;
(c) receiving authentication information; and (d) providing decryption information for said personal security device responsive to said authentication information.
(a) receiving information identifying an encrypted personal security device;
(b) providing said identified encrypted personal security device;
(c) receiving authentication information; and (d) providing decryption information for said personal security device responsive to said authentication information.
2. The method of claim 1 wherein steps (a) and (b) comprise:
(a) receiving information identifying an encrypted key; and (b) providing said identified encrypted key.
(a) receiving information identifying an encrypted key; and (b) providing said identified encrypted key.
3. The method of claim 1 wherein step (a) comprises receiving information identifying an encrypted personal security device, the personal security device comprising information necessary to make a secure network connection between a network client and a network server.
4. The method of claim 1 wherein step (a) comprises receiving information identifying an encrypted personal security device, the personal security device comprising information necessary to make a secure virtual private network connection.
5. The method of claim 1 further comprising the step of validating said authentication information.
6. The method of claim 1 wherein step (b) further comprises the steps of:
(b-a) retrieving said personal security device; and (b-b) providing said personal security device.
(b-a) retrieving said personal security device; and (b-b) providing said personal security device.
7. The method of claim 6 wherein step (b-a) comprises retrieving said personal security device from an authentication server.
8. The method of claim 1 further comprising the step of storing said personal security device on a smartcard.
9. The method of claim 1 further comprising the step of storing said decryption information in a volatile memory element.
10. The method of claim 1 wherein step (c) comprises receiving time-dependent authentication information.
11. A method for accessing secure information comprising the steps of:
(a) receiving an encrypted personal security device;
(b) receiving decryption information for said personal security device; and (c) decrypting said personal security device.
(a) receiving an encrypted personal security device;
(b) receiving decryption information for said personal security device; and (c) decrypting said personal security device.
12. The method of claim 11 further comprising the step of using said decrypted personal security device to access said secure information.
13. The method of claim 11 wherein receiving step (a) comprises receiving an encrypted personal security device comprising information necessary to make a secure network connection between a network client and a network server.
14. The method of claim 11 wherein receiving step (a) comprises receiving an encrypted personal security device comprising information necessary to make a secure virtual private network connection.
15. The method of claim 11 further comprising the steps of:
(d) transmitting information identifying an encrypted personal security device; and (e) transmitting authentication information.
(d) transmitting information identifying an encrypted personal security device; and (e) transmitting authentication information.
16. The method of claim 15 wherein step (e) comprises transmitting time-dependent authentication information.
17. The method of claim 11 further comprising the step of storing said personal security device on a smartcard.
18. The method of claim 11 further comprising the step of storing said decryption information in a volatile memory element.
19. A method for allowing a network client secure access to information, the method comprising the steps of:
(a) requesting, by said network client, a personal security device from a network server, wherein said personal security device comprises encrypted information necessary to make a secure network connection;
(b) forwarding, by said network server, said personal security device to said network client; and (c) providing, by said network server, decryption information for said personal security device.
(a) requesting, by said network client, a personal security device from a network server, wherein said personal security device comprises encrypted information necessary to make a secure network connection;
(b) forwarding, by said network server, said personal security device to said network client; and (c) providing, by said network server, decryption information for said personal security device.
20. The method of claim 19 wherein step (b) comprises providing an encrypted personal security device comprising information necessary to make a secure virtual private network connection.
21. The method of claim 19 further comprising the steps of:
(d) forwarding, by said network server said request to an authentication server;
(e) querying, by said authentication server a user database with said request;
(f) returning, by said user database a personal security device to said authentication server; and (g) forwarding, by said authentication server said personal security device to said network server.
(d) forwarding, by said network server said request to an authentication server;
(e) querying, by said authentication server a user database with said request;
(f) returning, by said user database a personal security device to said authentication server; and (g) forwarding, by said authentication server said personal security device to said network server.
22. The method of claim 19 further comprising the steps of:
(h) obtaining, by said client, authentication information from an authentication token;
(i) providing, by said client, said authentication information to said authentication server;
(j) confirming, by said authentication server, the validity of said authentication information;
(k) retrieving, by said network server, decryption information for said personal security device from a database; and (l) providing, by said network server, decryption information for said personal security device to said client.
(h) obtaining, by said client, authentication information from an authentication token;
(i) providing, by said client, said authentication information to said authentication server;
(j) confirming, by said authentication server, the validity of said authentication information;
(k) retrieving, by said network server, decryption information for said personal security device from a database; and (l) providing, by said network server, decryption information for said personal security device to said client.
23. The method of claim 22 wherein step (h) comprises obtaining time-dependent authentication information.
24. The method of claim 19 further comprising the steps of:
(m) decrypting, by said client, said personal security device.
(m) decrypting, by said client, said personal security device.
25. A device for providing secure access to information comprising:
(a) a first receiver receiving information identifying an encrypted personal security device;
(b) a first transmitter providing said identified personal security device;
(c) a second receiver receiving authentication information; and (d) a second transmitter providing decryption information for said personal security device responsive to said authentication information.
(a) a first receiver receiving information identifying an encrypted personal security device;
(b) a first transmitter providing said identified personal security device;
(c) a second receiver receiving authentication information; and (d) a second transmitter providing decryption information for said personal security device responsive to said authentication information.
26. The device of claim 25 wherein said receiver receives said encrypted personal security device comprising an encrypted key.
27. The device of claim 25 wherein said receiver receives said encrypted personal security device comprising information necessary to make a secure network connection between a network client and a network server.
28. The device of claim 25 wherein said receiver receives said encrypted personal security device comprising information necessary to make a secure virtual private network connection.
29. The device of claim 25 further comprising an authenticator validating said authentication information.
30. The device of claim 25 wherein said first receiver is the same as said second receiver.
31. The device of claim 25 wherein said first transmitter is the same as said second transmitter.
32. The device of claim 25 wherein said authentication information is time-dependent.
33. A device for accessing secure information comprising:
(a) a first receiver receiving an encrypted personal security device;
(b) a second receiver receiving decryption information for said personal security device; and (c) a decryptor decrypting said personal security device.
(a) a first receiver receiving an encrypted personal security device;
(b) a second receiver receiving decryption information for said personal security device; and (c) a decryptor decrypting said personal security device.
34. The device of claim 33 wherein said receiver receives said encrypted personal security device comprising information necessary to make a secure network connection between a network client and a network server.
35. The device of claim 33 wherein said receiver receives said encrypted personal security device comprising information necessary to make a secure virtual private network connection.
36. The device of claim 33 further comprising:
(d) a first transmitter transmitting information identifying an encrypted personal security device; and (e) a second transmitter transmitting authentication information.
(d) a first transmitter transmitting information identifying an encrypted personal security device; and (e) a second transmitter transmitting authentication information.
37. The device of claim 36 wherein said first transmitter is the same as said second transmitter.
38. The device of claim 36 wherein said authentication information is time-dependent.
39. The device of claim 33 further comprising a smartcard storing said decryption information.
40. The device of claim 33 further comprising a volatile memory element storing said decryption information.
41. The device of claim 33 wherein said first receiver is the same as said second receiver.
42. A system for providing secure access to information comprising:
(a) a network client comprising a volatile memory element; and (b) a network server storing an encrypted personal security device in a server memory element, said personal security device comprising encrypted information.
(a) a network client comprising a volatile memory element; and (b) a network server storing an encrypted personal security device in a server memory element, said personal security device comprising encrypted information.
43. The system of claim 42 further comprising a smartcard having a volatile memory element storing said personal security device.
44. The system of claim 42 wherein said user database includes said personal security device.
45. The system of claim 42 further comprising decrypted information for forming a secure network connection between said client and said server wherein said decrypted information is derived from applying said decryption information to said personal security device.
46. The system of claim 42 wherein said decryption information is stored in said volatile storage.
47. The system of claim 42 wherein said decrypted information is stored in said volatile storage.
48. The system of claim 42 wherein said network is a virtual private network.
49. The system of claim 42 wherein said encrypted information comprises information necessary for forming a secure network connection between said client and said server.
50. The system of claim 42 further comprising:
(c) an authentication token, wherein said token is capable of providing authentication information; and (d) an authentication server, wherein said authentication server comprises a user database, wherein said user database comprises decryption information for said personal security device, and wherein said authentication server is capable of providing said decryption information upon receipt of said authentication information.
(c) an authentication token, wherein said token is capable of providing authentication information; and (d) an authentication server, wherein said authentication server comprises a user database, wherein said user database comprises decryption information for said personal security device, and wherein said authentication server is capable of providing said decryption information upon receipt of said authentication information.
51. The system of claim 50 wherein said authentication information is time-dependent.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/356,600 | 1999-07-19 | ||
US09/356,600 US7111172B1 (en) | 1999-07-19 | 1999-07-19 | System and methods for maintaining and distributing personal security devices |
PCT/US2000/019656 WO2001006699A2 (en) | 1999-07-19 | 2000-07-19 | System and methods for maintaining and distributing personal security devices |
Publications (1)
Publication Number | Publication Date |
---|---|
CA2374655A1 true CA2374655A1 (en) | 2001-01-25 |
Family
ID=23402133
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002374655A Abandoned CA2374655A1 (en) | 1999-07-19 | 2000-07-19 | System and methods for maintaining and distributing personal security devices |
Country Status (6)
Country | Link |
---|---|
US (1) | US7111172B1 (en) |
EP (1) | EP1201070B1 (en) |
AU (1) | AU6222600A (en) |
CA (1) | CA2374655A1 (en) |
DE (1) | DE60028778T2 (en) |
WO (1) | WO2001006699A2 (en) |
Families Citing this family (185)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9430769B2 (en) * | 1999-10-01 | 2016-08-30 | Cardinalcommerce Corporation | Secure and efficient payment processing system |
CN1327560A (en) * | 1999-10-25 | 2001-12-19 | 索尼公司 | Contents providing system |
US7284266B1 (en) * | 2000-03-21 | 2007-10-16 | Broadcom Corporation | System and method for secure biometric identification |
US7698565B1 (en) * | 2000-03-30 | 2010-04-13 | Digitalpersona, Inc. | Crypto-proxy server and method of using the same |
US7409543B1 (en) * | 2000-03-30 | 2008-08-05 | Digitalpersona, Inc. | Method and apparatus for using a third party authentication server |
US7237117B2 (en) | 2001-03-16 | 2007-06-26 | Kenneth P. Weiss | Universal secure registry |
JP2003085084A (en) * | 2001-09-12 | 2003-03-20 | Sony Corp | Contents delivery system and method, portable terminal, delivery server, and recording medium |
US7571467B1 (en) * | 2002-02-26 | 2009-08-04 | Microsoft Corporation | System and method to package security credentials for later use |
ES2254549T3 (en) * | 2002-03-25 | 2006-06-16 | Tds Todos Data System Ab | METHOD AND SYSTEM FOR USER AUTHENTICATION IN A DIGITAL COMMUNICATION SYSTEM. |
US8224887B2 (en) | 2003-03-26 | 2012-07-17 | Authenticatid, Llc | System, method and computer program product for authenticating a client |
US9412123B2 (en) | 2003-07-01 | 2016-08-09 | The 41St Parameter, Inc. | Keystroke analysis |
US10999298B2 (en) | 2004-03-02 | 2021-05-04 | The 41St Parameter, Inc. | Method and system for identifying users and detecting fraud by use of the internet |
US9286457B2 (en) | 2004-06-14 | 2016-03-15 | Rodney Beatson | Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties |
US7660770B2 (en) * | 2004-10-14 | 2010-02-09 | International Business Machines Corporation | System and method for providing a secure contact management system |
JP4707992B2 (en) * | 2004-10-22 | 2011-06-22 | 富士通株式会社 | Encrypted communication system |
WO2006064575A1 (en) * | 2004-12-15 | 2006-06-22 | Hitachi, Ltd. | Wireless communication terminal and its control method |
US9917819B2 (en) * | 2005-01-13 | 2018-03-13 | International Business Machines Corporation | System and method for providing a proxied contact management system |
US8684267B2 (en) | 2005-03-26 | 2014-04-01 | Privasys | Method for broadcasting a magnetic stripe data packet from an electronic smart card |
EP1882220A2 (en) | 2005-03-26 | 2008-01-30 | Privasys, Inc. | Electronic financial transaction cards and methods |
US8226001B1 (en) | 2010-06-23 | 2012-07-24 | Fiteq, Inc. | Method for broadcasting a magnetic stripe data packet from an electronic smart card |
US7636940B2 (en) * | 2005-04-12 | 2009-12-22 | Seiko Epson Corporation | Private key protection for secure servers |
WO2006116772A2 (en) | 2005-04-27 | 2006-11-02 | Privasys, Inc. | Electronic cards and methods for making same |
US7793851B2 (en) | 2005-05-09 | 2010-09-14 | Dynamics Inc. | Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card |
US7810147B2 (en) * | 2005-12-01 | 2010-10-05 | Emc Corporation | Detecting and preventing replay in authentication systems |
US11301585B2 (en) | 2005-12-16 | 2022-04-12 | The 41St Parameter, Inc. | Methods and apparatus for securely displaying digital images |
US8938671B2 (en) | 2005-12-16 | 2015-01-20 | The 41St Parameter, Inc. | Methods and apparatus for securely displaying digital images |
US9137012B2 (en) * | 2006-02-03 | 2015-09-15 | Emc Corporation | Wireless authentication methods and apparatus |
WO2007095265A2 (en) * | 2006-02-10 | 2007-08-23 | Rsa Security Inc. | Method and system for providing a one time password to work in conjunction with a browser |
US8234220B2 (en) | 2007-02-21 | 2012-07-31 | Weiss Kenneth P | Universal secure registry |
US11227676B2 (en) | 2006-02-21 | 2022-01-18 | Universal Secure Registry, Llc | Universal secure registry |
US8001055B2 (en) | 2006-02-21 | 2011-08-16 | Weiss Kenneth P | Method, system and apparatus for secure access, payment and identification |
US8151327B2 (en) | 2006-03-31 | 2012-04-03 | The 41St Parameter, Inc. | Systems and methods for detection of session tampering and fraud prevention |
US8615663B2 (en) | 2006-04-17 | 2013-12-24 | Broadcom Corporation | System and method for secure remote biometric authentication |
US20080005430A1 (en) * | 2006-05-08 | 2008-01-03 | Aladdin Knowledge Systems Ltd. | Communication interface |
US7941579B2 (en) * | 2006-06-30 | 2011-05-10 | Brother Kogyo Kabushiki Kaisha | Communication system for authenticating authority of host device for accessing storage medium set to periphery device |
US8316227B2 (en) | 2006-11-01 | 2012-11-20 | Microsoft Corporation | Health integration platform protocol |
US20080104617A1 (en) * | 2006-11-01 | 2008-05-01 | Microsoft Corporation | Extensible user interface |
US8533746B2 (en) | 2006-11-01 | 2013-09-10 | Microsoft Corporation | Health integration platform API |
US8417537B2 (en) * | 2006-11-01 | 2013-04-09 | Microsoft Corporation | Extensible and localizable health-related dictionary |
US8296240B2 (en) | 2007-03-22 | 2012-10-23 | Sony Corporation | Digital rights management dongle |
US8060750B2 (en) * | 2007-06-29 | 2011-11-15 | Emc Corporation | Secure seed provisioning |
US8661249B2 (en) * | 2007-09-24 | 2014-02-25 | Microsoft Corporation | Health keyset management |
US8059814B1 (en) | 2007-09-28 | 2011-11-15 | Emc Corporation | Techniques for carrying out seed or key derivation |
US9002012B2 (en) * | 2007-12-01 | 2015-04-07 | Hewlett-Packard Development Company, L.P. | Apparatus and method for securing data in computer storage |
US20090159699A1 (en) | 2007-12-24 | 2009-06-25 | Dynamics Inc. | Payment cards and devices operable to receive point-of-sale actions before point-of-sale and forward actions at point-of-sale |
US9203620B1 (en) | 2008-01-28 | 2015-12-01 | Emc Corporation | System, method and apparatus for secure use of cryptographic credentials in mobile devices |
US8621641B2 (en) * | 2008-02-29 | 2013-12-31 | Vicki L. James | Systems and methods for authorization of information access |
JP4845057B2 (en) * | 2008-04-14 | 2011-12-28 | 京セラ株式会社 | Portable electronic device and program |
US8307210B1 (en) | 2008-05-02 | 2012-11-06 | Emc Corporation | Method and apparatus for secure validation of tokens |
US9679135B2 (en) | 2008-06-19 | 2017-06-13 | Bank Of America Corporation | Computing device for secured transactions and virtual monitoring external from the operating system |
US9317851B2 (en) * | 2008-06-19 | 2016-04-19 | Bank Of America Corporation | Secure transaction personal computer |
US8484721B2 (en) * | 2008-08-04 | 2013-07-09 | Moka5, Inc. | Locked-down computing environment |
US9112910B2 (en) * | 2008-10-14 | 2015-08-18 | International Business Machines Corporation | Method and system for authentication |
US8579203B1 (en) | 2008-12-19 | 2013-11-12 | Dynamics Inc. | Electronic magnetic recorded media emulators in magnetic card devices |
US8931703B1 (en) | 2009-03-16 | 2015-01-13 | Dynamics Inc. | Payment cards and devices for displaying barcodes |
US9112850B1 (en) | 2009-03-25 | 2015-08-18 | The 41St Parameter, Inc. | Systems and methods of sharing information through a tag-based consortium |
US8172148B1 (en) | 2009-04-06 | 2012-05-08 | Dynamics Inc. | Cards and assemblies with user interfaces |
US8622309B1 (en) | 2009-04-06 | 2014-01-07 | Dynamics Inc. | Payment cards and devices with budgets, parental controls, and virtual accounts |
US9329619B1 (en) | 2009-04-06 | 2016-05-03 | Dynamics Inc. | Cards with power management |
US8589698B2 (en) * | 2009-05-15 | 2013-11-19 | International Business Machines Corporation | Integrity service using regenerated trust integrity gather program |
US8732451B2 (en) * | 2009-05-20 | 2014-05-20 | Microsoft Corporation | Portable secure computing network |
US8393545B1 (en) | 2009-06-23 | 2013-03-12 | Dynamics Inc. | Cards deployed with inactivated products for activation |
US8511574B1 (en) | 2009-08-17 | 2013-08-20 | Dynamics Inc. | Advanced loyalty applications for powered cards and devices |
US9306666B1 (en) | 2009-10-08 | 2016-04-05 | Dynamics Inc. | Programming protocols for powered cards and devices |
US8727219B1 (en) | 2009-10-12 | 2014-05-20 | Dynamics Inc. | Magnetic stripe track signal having multiple communications channels |
US8523059B1 (en) | 2009-10-20 | 2013-09-03 | Dynamics Inc. | Advanced payment options for powered cards and devices |
US8393546B1 (en) | 2009-10-25 | 2013-03-12 | Dynamics Inc. | Games, prizes, and entertainment for powered cards and devices |
WO2011103160A1 (en) | 2010-02-16 | 2011-08-25 | Dynamics Inc. | Systems and methods for drive circuits for dynamic magnetic stripe communications devices |
US8348172B1 (en) | 2010-03-02 | 2013-01-08 | Dynamics Inc. | Systems and methods for detection mechanisms for magnetic cards and devices |
US10693263B1 (en) | 2010-03-16 | 2020-06-23 | Dynamics Inc. | Systems and methods for audio connectors for powered cards and devices |
JP2013533532A (en) | 2010-05-18 | 2013-08-22 | ダイナミックス インコーポレイテッド | System and method for cards and devices communicating via light pulse and touch sensitive display |
US8317103B1 (en) | 2010-06-23 | 2012-11-27 | FiTeq | Method for broadcasting a magnetic stripe data packet from an electronic smart card |
USD652449S1 (en) | 2010-07-02 | 2012-01-17 | Dynamics Inc. | Multiple button interactive electronic card |
USD670759S1 (en) | 2010-07-02 | 2012-11-13 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD652075S1 (en) | 2010-07-02 | 2012-01-10 | Dynamics Inc. | Multiple button interactive electronic card |
USD674013S1 (en) | 2010-07-02 | 2013-01-08 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD687094S1 (en) | 2010-07-02 | 2013-07-30 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD652867S1 (en) | 2010-07-02 | 2012-01-24 | Dynamics Inc. | Multiple button interactive electronic card |
USD672389S1 (en) | 2010-07-02 | 2012-12-11 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD652448S1 (en) | 2010-07-02 | 2012-01-17 | Dynamics Inc. | Multiple button interactive electronic card |
USD792511S1 (en) | 2010-07-09 | 2017-07-18 | Dynamics Inc. | Display with font |
USD651644S1 (en) | 2010-07-09 | 2012-01-03 | Dynamics Inc. | Interactive electronic card with display |
USD651237S1 (en) | 2010-07-09 | 2011-12-27 | Dynamics Inc. | Interactive electronic card with display |
USD652450S1 (en) | 2010-07-09 | 2012-01-17 | Dynamics Inc. | Multiple button interactive electronic card |
USD666241S1 (en) | 2010-07-09 | 2012-08-28 | Dynamics Inc. | Multiple button interactive electronic card with light source |
USD665447S1 (en) | 2010-07-09 | 2012-08-14 | Dynamics Inc. | Multiple button interactive electronic card with light source and display |
USD792513S1 (en) | 2010-07-09 | 2017-07-18 | Dynamics Inc. | Display with font |
USD643063S1 (en) | 2010-07-09 | 2011-08-09 | Dynamics Inc. | Interactive electronic card with display |
USD792512S1 (en) | 2010-07-09 | 2017-07-18 | Dynamics Inc. | Display with font |
USD652076S1 (en) | 2010-07-09 | 2012-01-10 | Dynamics Inc. | Multiple button interactive electronic card with display |
USD665022S1 (en) | 2010-07-09 | 2012-08-07 | Dynamics Inc. | Multiple button interactive electronic card with light source |
USD653288S1 (en) | 2010-07-09 | 2012-01-31 | Dynamics Inc. | Multiple button interactive electronic card |
USD651238S1 (en) | 2010-07-09 | 2011-12-27 | Dynamics Inc. | Interactive electronic card with display |
US8322623B1 (en) | 2010-07-26 | 2012-12-04 | Dynamics Inc. | Systems and methods for advanced card printing |
US9818125B2 (en) | 2011-02-16 | 2017-11-14 | Dynamics Inc. | Systems and methods for information exchange mechanisms for powered cards and devices |
US9053398B1 (en) | 2010-08-12 | 2015-06-09 | Dynamics Inc. | Passive detection mechanisms for magnetic cards and devices |
US10055614B1 (en) | 2010-08-12 | 2018-08-21 | Dynamics Inc. | Systems and methods for advanced detection mechanisms for magnetic cards and devices |
WO2012037479A1 (en) | 2010-09-17 | 2012-03-22 | Universal Secure Registry, Llc | Apparatus, system and method employing a wireless user-device |
US10022884B1 (en) | 2010-10-15 | 2018-07-17 | Dynamics Inc. | Systems and methods for alignment techniques for magnetic cards and devices |
US8561894B1 (en) | 2010-10-20 | 2013-10-22 | Dynamics Inc. | Powered cards and devices designed, programmed, and deployed from a kiosk |
US9646240B1 (en) | 2010-11-05 | 2017-05-09 | Dynamics Inc. | Locking features for powered cards and devices |
US8567679B1 (en) | 2011-01-23 | 2013-10-29 | Dynamics Inc. | Cards and devices with embedded holograms |
US10095970B1 (en) | 2011-01-31 | 2018-10-09 | Dynamics Inc. | Cards including anti-skimming devices |
US9836680B1 (en) | 2011-03-03 | 2017-12-05 | Dynamics Inc. | Systems and methods for advanced communication mechanisms for magnetic cards and devices |
US8485446B1 (en) | 2011-03-28 | 2013-07-16 | Dynamics Inc. | Shielded magnetic stripe for magnetic cards and devices |
EP3605432A1 (en) | 2011-05-10 | 2020-02-05 | Dynamics Inc. | Systems, devices and methods for mobile payment acceptance, mobile authorizations, mobile wallets, and contactless communication mechanisms |
USD670329S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive display card |
USD676904S1 (en) | 2011-05-12 | 2013-02-26 | Dynamics Inc. | Interactive display card |
USD670331S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive display card |
USD670332S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive card |
USD670330S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive card |
US8628022B1 (en) | 2011-05-23 | 2014-01-14 | Dynamics Inc. | Systems and methods for sensor mechanisms for magnetic cards and devices |
DE102011051498A1 (en) | 2011-06-06 | 2012-12-06 | Kobil Systems Gmbh | Secure access to data in one device |
US8827153B1 (en) | 2011-07-18 | 2014-09-09 | Dynamics Inc. | Systems and methods for waveform generation for dynamic magnetic stripe communications devices |
US11551046B1 (en) | 2011-10-19 | 2023-01-10 | Dynamics Inc. | Stacked dynamic magnetic stripe commmunications device for magnetic cards and devices |
US11409971B1 (en) | 2011-10-23 | 2022-08-09 | Dynamics Inc. | Programming and test modes for powered cards and devices |
US10754913B2 (en) | 2011-11-15 | 2020-08-25 | Tapad, Inc. | System and method for analyzing user device information |
GB2496841B (en) * | 2011-11-15 | 2016-07-20 | Rosberg System As | Method of securing a computing device |
US9619741B1 (en) | 2011-11-21 | 2017-04-11 | Dynamics Inc. | Systems and methods for synchronization mechanisms for magnetic cards and devices |
US8960545B1 (en) | 2011-11-21 | 2015-02-24 | Dynamics Inc. | Data modification for magnetic cards and devices |
US9454648B1 (en) * | 2011-12-23 | 2016-09-27 | Emc Corporation | Distributing token records in a market environment |
US8650627B2 (en) * | 2011-12-28 | 2014-02-11 | Tata Consultancy Services Ltd. | Computer implemented system and method for providing challenge-response solutions to authenticate a user |
US20130182576A1 (en) * | 2012-01-13 | 2013-07-18 | Qualcomm Incorporated | Context-aware mobile computing for automatic environment detection and re-establishment |
US9064194B1 (en) | 2012-02-03 | 2015-06-23 | Dynamics Inc. | Systems and methods for spike suppression for dynamic magnetic stripe communications devices |
US9710745B1 (en) | 2012-02-09 | 2017-07-18 | Dynamics Inc. | Systems and methods for automated assembly of dynamic magnetic stripe communications devices |
US8888009B1 (en) | 2012-02-14 | 2014-11-18 | Dynamics Inc. | Systems and methods for extended stripe mechanisms for magnetic cards and devices |
US9916992B2 (en) | 2012-02-20 | 2018-03-13 | Dynamics Inc. | Systems and methods for flexible components for powered cards and devices |
US9648490B2 (en) | 2012-03-01 | 2017-05-09 | Qualcomm Incorporated | Context-aware mobile computing for automatic environment detection and re-establishment |
US9633201B1 (en) | 2012-03-01 | 2017-04-25 | The 41St Parameter, Inc. | Methods and systems for fraud containment |
US9521551B2 (en) | 2012-03-22 | 2016-12-13 | The 41St Parameter, Inc. | Methods and systems for persistent cross-application mobile device identification |
US9734669B1 (en) | 2012-04-02 | 2017-08-15 | Dynamics Inc. | Cards, devices, systems, and methods for advanced payment game of skill and game of chance functionality |
US11961147B1 (en) | 2012-04-15 | 2024-04-16 | K. Shane Cupp | Cards, devices, systems, and methods for financial management services |
US11418483B1 (en) | 2012-04-19 | 2022-08-16 | Dynamics Inc. | Cards, devices, systems, and methods for zone-based network management |
US9033218B1 (en) | 2012-05-15 | 2015-05-19 | Dynamics Inc. | Cards, devices, systems, methods and dynamic security codes |
US8752148B1 (en) | 2012-06-25 | 2014-06-10 | Emc Corporation | Processorless token for producing a one-time password |
US9064195B2 (en) | 2012-06-29 | 2015-06-23 | Dynamics Inc. | Multiple layer card circuit boards |
WO2014022813A1 (en) | 2012-08-02 | 2014-02-06 | The 41St Parameter, Inc. | Systems and methods for accessing records via derivative locators |
USD828870S1 (en) | 2012-08-27 | 2018-09-18 | Dynamics Inc. | Display card |
USD687487S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with display and button |
USD687887S1 (en) | 2012-08-27 | 2013-08-13 | Dynamics Inc. | Interactive electronic card with buttons |
USD675256S1 (en) | 2012-08-27 | 2013-01-29 | Dynamics Inc. | Interactive electronic card with display and button |
USD687489S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with buttons |
USD687490S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with display and button |
USD687488S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with buttons |
USD729871S1 (en) | 2012-08-27 | 2015-05-19 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD692053S1 (en) | 2012-08-27 | 2013-10-22 | Dynamics Inc. | Interactive electronic card with display and button |
USD676487S1 (en) | 2012-08-27 | 2013-02-19 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD730438S1 (en) | 2012-08-27 | 2015-05-26 | Dynamics Inc. | Interactive electronic card with display and button |
USD688744S1 (en) | 2012-08-27 | 2013-08-27 | Dynamics Inc. | Interactive electronic card with display and button |
USD673606S1 (en) | 2012-08-27 | 2013-01-01 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD694322S1 (en) | 2012-08-27 | 2013-11-26 | Dynamics Inc. | Interactive electronic card with display buttons |
USD730439S1 (en) | 2012-08-27 | 2015-05-26 | Dynamics Inc. | Interactive electronic card with buttons |
USD695636S1 (en) | 2012-08-27 | 2013-12-17 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD729870S1 (en) | 2012-08-27 | 2015-05-19 | Dynamics Inc. | Interactive electronic card with display and button |
USD687095S1 (en) | 2012-08-27 | 2013-07-30 | Dynamics Inc. | Interactive electronic card with buttons |
USD729869S1 (en) | 2012-08-27 | 2015-05-19 | Dynamics Inc. | Interactive electronic card with display and button |
US11995642B1 (en) | 2012-09-05 | 2024-05-28 | Dynamics Inc. | Cards, devices, systems, and methods for a notification system |
US11126997B1 (en) | 2012-10-02 | 2021-09-21 | Dynamics Inc. | Cards, devices, systems, and methods for a fulfillment system |
US9010647B2 (en) | 2012-10-29 | 2015-04-21 | Dynamics Inc. | Multiple sensor detector systems and detection methods of magnetic cards and devices |
US9659246B1 (en) | 2012-11-05 | 2017-05-23 | Dynamics Inc. | Dynamic magnetic stripe communications device with beveled magnetic material for magnetic cards and devices |
WO2014078569A1 (en) | 2012-11-14 | 2014-05-22 | The 41St Parameter, Inc. | Systems and methods of global identification |
US9010644B1 (en) | 2012-11-30 | 2015-04-21 | Dynamics Inc. | Dynamic magnetic stripe communications device with stepped magnetic material for magnetic cards and devices |
US10949627B2 (en) | 2012-12-20 | 2021-03-16 | Dynamics Inc. | Systems and methods for non-time smearing detection mechanisms for magnetic cards and devices |
US9774446B1 (en) * | 2012-12-31 | 2017-09-26 | EMC IP Holding Company LLC | Managing use of security keys |
USD765174S1 (en) | 2013-03-04 | 2016-08-30 | Dynamics Inc. | Interactive electronic card with button |
USD765173S1 (en) | 2013-03-04 | 2016-08-30 | Dynamics Inc. | Interactive electronic card with display and button |
USD764584S1 (en) | 2013-03-04 | 2016-08-23 | Dynamics Inc. | Interactive electronic card with buttons |
USD777252S1 (en) | 2013-03-04 | 2017-01-24 | Dynamics Inc. | Interactive electronic card with buttons |
USD750168S1 (en) | 2013-03-04 | 2016-02-23 | Dynamics Inc. | Interactive electronic card with display and button |
USD750166S1 (en) | 2013-03-04 | 2016-02-23 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD751640S1 (en) | 2013-03-04 | 2016-03-15 | Dynamics Inc. | Interactive electronic card with display and button |
USD751639S1 (en) | 2013-03-04 | 2016-03-15 | Dynamics Inc. | Interactive electronic card with display and button |
USD750167S1 (en) | 2013-03-04 | 2016-02-23 | Dynamics Inc. | Interactive electronic card with buttons |
DE102013205166A1 (en) * | 2013-03-22 | 2014-09-25 | Robert Bosch Gmbh | Method for generating a one-way function |
US10902327B1 (en) | 2013-08-30 | 2021-01-26 | The 41St Parameter, Inc. | System and method for device identification and uniqueness |
USD737373S1 (en) | 2013-09-10 | 2015-08-25 | Dynamics Inc. | Interactive electronic card with contact connector |
USD767024S1 (en) | 2013-09-10 | 2016-09-20 | Dynamics Inc. | Interactive electronic card with contact connector |
WO2015110043A1 (en) * | 2014-01-27 | 2015-07-30 | 邵通 | Dual-channel identity authentication selection device, system and method |
US10108891B1 (en) | 2014-03-21 | 2018-10-23 | Dynamics Inc. | Exchange coupled amorphous ribbons for electronic stripes |
KR102223609B1 (en) * | 2014-05-09 | 2021-03-05 | 삼성전자주식회사 | Content sharing method and apparatus |
US10091312B1 (en) | 2014-10-14 | 2018-10-02 | The 41St Parameter, Inc. | Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups |
US9852309B2 (en) * | 2016-01-05 | 2017-12-26 | Prifender Ltd. | System and method for securing personal data elements |
US10032049B2 (en) | 2016-02-23 | 2018-07-24 | Dynamics Inc. | Magnetic cards and devices for motorized readers |
US11044244B2 (en) | 2018-09-18 | 2021-06-22 | Allstate Insurance Company | Authenticating devices via one or more pseudorandom sequences and one or more tokens |
KR20210065109A (en) | 2018-10-02 | 2021-06-03 | 캐피탈 원 서비시즈, 엘엘씨 | System and method for cryptographic authentication of contactless card |
Family Cites Families (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4309569A (en) | 1979-09-05 | 1982-01-05 | The Board Of Trustees Of The Leland Stanford Junior University | Method of providing digital signatures |
GB2146814A (en) | 1983-09-17 | 1985-04-24 | Ibm | Electronic fund transfer systems |
US4685055A (en) | 1985-07-01 | 1987-08-04 | Thomas Richard B | Method and system for controlling use of protected software |
US5191611A (en) * | 1989-04-03 | 1993-03-02 | Lang Gerald S | Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients |
US5485519A (en) | 1991-06-07 | 1996-01-16 | Security Dynamics Technologies, Inc. | Enhanced security for a secure token code |
US5237614A (en) * | 1991-06-07 | 1993-08-17 | Security Dynamics Technologies, Inc. | Integrated network security system |
US5210795A (en) * | 1992-01-10 | 1993-05-11 | Digital Equipment Corporation | Secure user authentication from personal computer |
US5278460A (en) | 1992-04-07 | 1994-01-11 | Micron Technology, Inc. | Voltage compensating CMOS input buffer |
US5418854A (en) * | 1992-04-28 | 1995-05-23 | Digital Equipment Corporation | Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system |
US5586260A (en) * | 1993-02-12 | 1996-12-17 | Digital Equipment Corporation | Method and apparatus for authenticating a client to a server in computer systems which support different security mechanisms |
US5491752A (en) * | 1993-03-18 | 1996-02-13 | Digital Equipment Corporation, Patent Law Group | System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authentication tokens |
EP0711480B1 (en) * | 1993-07-27 | 1997-06-11 | International Business Machines Corporation | Method and system for authenticated secure key distribution in a communication system |
US5495533A (en) * | 1994-04-29 | 1996-02-27 | International Business Machines Corporation | Personal key archive |
US5604801A (en) * | 1995-02-03 | 1997-02-18 | International Business Machines Corporation | Public key data communications system under control of a portable security device |
US5950195A (en) * | 1996-09-18 | 1999-09-07 | Secure Computing Corporation | Generalized security policy management system and method |
GB2318486B (en) * | 1996-10-16 | 2001-03-28 | Ibm | Data communications system |
US5784463A (en) * | 1996-12-04 | 1998-07-21 | V-One Corporation | Token distribution, registration, and dynamic configuration of user entitlement for an application level security system and method |
US5933826A (en) * | 1997-03-21 | 1999-08-03 | Novell, Inc. | Method and apparatus for securing and storing executable content |
US6240184B1 (en) | 1997-09-05 | 2001-05-29 | Rsa Security Inc. | Password synchronization |
US6064736A (en) * | 1997-09-15 | 2000-05-16 | International Business Machines Corporation | Systems, methods and computer program products that use an encrypted session for additional password verification |
US6170058B1 (en) * | 1997-12-23 | 2001-01-02 | Arcot Systems, Inc. | Method and apparatus for cryptographically camouflaged cryptographic key storage, certification and use |
US6263446B1 (en) * | 1997-12-23 | 2001-07-17 | Arcot Systems, Inc. | Method and apparatus for secure distribution of authentication credentials to roaming users |
US6834111B1 (en) | 1998-04-01 | 2004-12-21 | Matsushita Electric Industrial Co., Ltd. | Data transmitting/receiving method, data transmitter, data receiver, data transmitting/receiving system, av content transmitting method, av content receiving method, av content transmitter, av content receiver, and program recording medium |
US6226618B1 (en) * | 1998-08-13 | 2001-05-01 | International Business Machines Corporation | Electronic content delivery system |
US7305695B1 (en) | 1999-01-20 | 2007-12-04 | Intel Corporation | System for providing video on demand with pause feature |
-
1999
- 1999-07-19 US US09/356,600 patent/US7111172B1/en not_active Expired - Lifetime
-
2000
- 2000-07-19 CA CA002374655A patent/CA2374655A1/en not_active Abandoned
- 2000-07-19 AU AU62226/00A patent/AU6222600A/en not_active Abandoned
- 2000-07-19 WO PCT/US2000/019656 patent/WO2001006699A2/en active Search and Examination
- 2000-07-19 EP EP00948778A patent/EP1201070B1/en not_active Expired - Lifetime
- 2000-07-19 DE DE60028778T patent/DE60028778T2/en not_active Expired - Lifetime
Also Published As
Publication number | Publication date |
---|---|
EP1201070A2 (en) | 2002-05-02 |
WO2001006699A2 (en) | 2001-01-25 |
US7111172B1 (en) | 2006-09-19 |
DE60028778D1 (en) | 2006-07-27 |
DE60028778T2 (en) | 2007-05-24 |
EP1201070B1 (en) | 2006-06-14 |
WO2001006699A3 (en) | 2001-10-04 |
AU6222600A (en) | 2001-02-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7111172B1 (en) | System and methods for maintaining and distributing personal security devices | |
CN101421968B (en) | Authentication system for networked computer applications | |
US6834112B1 (en) | Secure distribution of private keys to multiple clients | |
US6230272B1 (en) | System and method for protecting a multipurpose data string used for both decrypting data and for authenticating a user | |
US6678821B1 (en) | Method and system for restricting access to the private key of a user in a public key infrastructure | |
US8462955B2 (en) | Key protectors based on online keys | |
US7003668B2 (en) | Secure authentication of users via intermediate parties | |
US8046589B2 (en) | Renewable and private biometrics | |
US20030208681A1 (en) | Enforcing file authorization access | |
SE514105C2 (en) | Secure distribution and protection of encryption key information | |
US20070195998A1 (en) | Method, system, personal security device and computer program product for cryptographically secured biometric authentication | |
US20110047371A1 (en) | System and method for secure data sharing | |
US11570155B2 (en) | Enhanced secure encryption and decryption system | |
US20150082022A1 (en) | Devices and techniques for controlling disclosure of sensitive information | |
US20060294395A1 (en) | Executable software security system | |
TW201223225A (en) | Method for personal identity authentication utilizing a personal cryptographic device | |
JP2006522507A (en) | Secure communication system and secure communication method | |
EP3785409B1 (en) | Data message sharing | |
US11522722B2 (en) | Communication apparatus and communication method | |
CN113114458A (en) | Encryption certificate generation method, decryption method, encryption certificate generation device, decryption device and encryption certificate system | |
KR101987579B1 (en) | Method and system for sending and receiving of secure mail based on webmail using by otp and diffie-hellman key exchange | |
KR101473410B1 (en) | Method for Accessing Recording Area of Digital Certificate | |
TW465213B (en) | Method for performing encryption and decryption via computer and IC card | |
WO2005055516A1 (en) | Method and apparatus for data certification by a plurality of users using a single key pair |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FZDE | Discontinued |